{"url":"http://public2.vulnerablecode.io/api/packages/376438?format=json","purl":"pkg:generic/curl.se/curl@7.85.0","type":"generic","namespace":"curl.se","name":"curl","version":"7.85.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"8.20.0","latest_non_vulnerable_version":"8.20.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5979?format=json","vulnerability_id":"VCID-14cb-wnj7-13e2","summary":"curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6253","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09025","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6253"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461202","reference_id":"2461202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461202"},{"reference_url":"https://hackerone.com/reports/3669637","reference_id":"3669637","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/"}],"url":"https://hackerone.com/reports/3669637"},{"reference_url":"https://curl.se/docs/CVE-2026-6253.html","reference_id":"CVE-2026-6253.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/"}],"url":"https://curl.se/docs/CVE-2026-6253.html"},{"reference_url":"https://curl.se/docs/CVE-2026-6253.json","reference_id":"CVE-2026-6253.json","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:42:30Z/"}],"url":"https://curl.se/docs/CVE-2026-6253.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376473?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-6253"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-14cb-wnj7-13e2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12262?format=json","vulnerability_id":"VCID-2bvs-a5w1-gfhe","summary":"curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14524","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12632","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14524"},{"reference_url":"https://curl.se/docs/CVE-2025-14524.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://curl.se/docs/CVE-2025-14524.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14524"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3459417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://hackerone.com/reports/3459417"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426407","reference_id":"2426407","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426407"},{"reference_url":"https://curl.se/docs/CVE-2025-14524.json","reference_id":"CVE-2025-14524.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://curl.se/docs/CVE-2025-14524.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376471?format=json","purl":"pkg:generic/curl.se/curl@8.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5q7e-maen-9kes"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-fdqn-e8uu-j3hx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0"}],"aliases":["CVE-2025-14524"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2bvs-a5w1-gfhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27914?format=json","vulnerability_id":"VCID-32gj-mvnb-rudh","summary":"curl: HSTS subdomain overwrites parent cache entry","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9681.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9681.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9681","reference_id":"","reference_type":"","scores":[{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73342","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086804","reference_id":"1086804","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322969","reference_id":"2322969","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322969"},{"reference_url":"https://hackerone.com/reports/2764830","reference_id":"2764830","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/"}],"url":"https://hackerone.com/reports/2764830"},{"reference_url":"https://curl.se/docs/CVE-2024-9681.html","reference_id":"CVE-2024-9681.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/"}],"url":"https://curl.se/docs/CVE-2024-9681.html"},{"reference_url":"https://curl.se/docs/CVE-2024-9681.json","reference_id":"CVE-2024-9681.json","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/"}],"url":"https://curl.se/docs/CVE-2024-9681.json"},{"reference_url":"https://usn.ubuntu.com/7104-1/","reference_id":"USN-7104-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7104-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376461?format=json","purl":"pkg:generic/curl.se/curl@8.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-g6cd-5nuc-73bx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-ncpq-4ws5-eyh2"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zssk-1ump-a3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.11.0"}],"aliases":["CVE-2024-9681"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32gj-mvnb-rudh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39116?format=json","vulnerability_id":"VCID-4563-62mm-57aq","summary":"curl: TELNET option IAC injection","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27533","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39186","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27533"},{"reference_url":"https://curl.se/docs/CVE-2023-27533.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27533.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27533"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1891474","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://hackerone.com/reports/1891474"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179062","reference_id":"2179062","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179062"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230420-0011/","reference_id":"ntap-20230420-0011","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T20:09:15Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230420-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6679","reference_id":"RHSA-2023:6679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6679"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"},{"reference_url":"https://usn.ubuntu.com/5964-2/","reference_id":"USN-5964-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376443?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27533"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4563-62mm-57aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40782?format=json","vulnerability_id":"VCID-4nqj-8xk6-a7ha","summary":"curl: POST following PUT confusion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32221","reference_id":"","reference_type":"","scores":[{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82916","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-32221"},{"reference_url":"https://curl.se/docs/CVE-2022-32221.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-32221.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1704017","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://hackerone.com/reports/1704017"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/19","reference_id":"19","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/19"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/20","reference_id":"20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135411","reference_id":"2135411","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135411"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/05/17/4","reference_id":"4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/05/17/4"},{"reference_url":"https://www.debian.org/security/2023/dsa-5330","reference_id":"dsa-5330","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://www.debian.org/security/2023/dsa-5330"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213604","reference_id":"HT213604","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://support.apple.com/kb/HT213604"},{"reference_url":"https://support.apple.com/kb/HT213605","reference_id":"HT213605","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://support.apple.com/kb/HT213605"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230110-0006/","reference_id":"ntap-20230110-0006","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230110-0006/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230208-0002/","reference_id":"ntap-20230208-0002","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-20T15:51:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230208-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0333","reference_id":"RHSA-2023:0333","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0333"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4139","reference_id":"RHSA-2023:4139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4139"},{"reference_url":"https://usn.ubuntu.com/5702-1/","reference_id":"USN-5702-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5702-1/"},{"reference_url":"https://usn.ubuntu.com/5702-2/","reference_id":"USN-5702-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5702-2/"},{"reference_url":"https://usn.ubuntu.com/5823-1/","reference_id":"USN-5823-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5823-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376439?format=json","purl":"pkg:generic/curl.se/curl@7.86.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-71rt-1h3a-jkcm"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-84u3-ynnu-7kct"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-frj4-zf2v-87g2"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-nmwe-9bw8-2ud1"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-v13d-ffaa-hyd9"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0"}],"aliases":["CVE-2022-32221"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqj-8xk6-a7ha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15330?format=json","vulnerability_id":"VCID-4pzm-87dd-xqbs","summary":"curl: Curl missing SFTP host verification with wolfSSH backend","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10966.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10966","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07768","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10966"},{"reference_url":"https://curl.se/docs/CVE-2025-10966.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/"}],"url":"https://curl.se/docs/CVE-2025-10966.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3355218","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/"}],"url":"https://hackerone.com/reports/3355218"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413308","reference_id":"2413308","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413308"},{"reference_url":"https://curl.se/docs/CVE-2025-10966.json","reference_id":"CVE-2025-10966.json","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/"}],"url":"https://curl.se/docs/CVE-2025-10966.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376470?format=json","purl":"pkg:generic/curl.se/curl@8.17.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5q7e-maen-9kes"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-fdqn-e8uu-j3hx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zssk-1ump-a3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.17.0"}],"aliases":["CVE-2025-10966"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pzm-87dd-xqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8128?format=json","vulnerability_id":"VCID-5hb5-9gh5-kyfs","summary":"curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3783","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07311","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3783"},{"reference_url":"https://curl.se/docs/CVE-2026-3783.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://curl.se/docs/CVE-2026-3783.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3583983","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://hackerone.com/reports/3583983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446450","reference_id":"2446450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446450"},{"reference_url":"https://curl.se/docs/CVE-2026-3783.json","reference_id":"CVE-2026-3783.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://curl.se/docs/CVE-2026-3783.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376472?format=json","purl":"pkg:generic/curl.se/curl@8.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-5q7e-maen-9kes"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0"}],"aliases":["CVE-2026-3783"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hb5-9gh5-kyfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36368?format=json","vulnerability_id":"VCID-5jsn-ubxh-fqe4","summary":"curl: excessively long file name may lead to unknown HSTS status","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46219.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46219.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46219","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34126","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46219"},{"reference_url":"https://curl.se/docs/CVE-2023-46219.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://curl.se/docs/CVE-2023-46219.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46219","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46219"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2236133","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://hackerone.com/reports/2236133"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057645","reference_id":"1057645","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057645"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252034","reference_id":"2252034","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252034"},{"reference_url":"https://www.debian.org/security/2023/dsa-5587","reference_id":"dsa-5587","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://www.debian.org/security/2023/dsa-5587"},{"reference_url":"https://security.gentoo.org/glsa/202409-20","reference_id":"GLSA-202409-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-20"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240119-0007/","reference_id":"ntap-20240119-0007","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240119-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1316","reference_id":"RHSA-2024:1316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1317","reference_id":"RHSA-2024:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1317"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/","reference_id":"UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/"},{"reference_url":"https://usn.ubuntu.com/6535-1/","reference_id":"USN-6535-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6535-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376452?format=json","purl":"pkg:generic/curl.se/curl@8.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-mgx1-3ku7-sffc"},{"vulnerability":"VCID-mz1c-c4b2-j7gy"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.5.0"}],"aliases":["CVE-2023-46219"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5jsn-ubxh-fqe4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37236?format=json","vulnerability_id":"VCID-5stq-jajr-57hv","summary":"curl: out of heap memory issue due to missing limit on header quantity","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38039.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38039.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38039","reference_id":"","reference_type":"","scores":[{"value":"0.14797","scoring_system":"epss","scoring_elements":"0.94612","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38039"},{"reference_url":"https://curl.se/docs/CVE-2023-38039.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-38039.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2072338","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://hackerone.com/reports/2072338"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/17","reference_id":"17","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/17"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239135","reference_id":"2239135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239135"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/34","reference_id":"34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/34"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/37","reference_id":"37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/37"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/38","reference_id":"38","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/38"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/","reference_id":"5DCZMYODALBLVOXVJEN2LF2MLANEYL4F","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DCZMYODALBLVOXVJEN2LF2MLANEYL4F/"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT214036","reference_id":"HT214036","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://support.apple.com/kb/HT214036"},{"reference_url":"https://support.apple.com/kb/HT214057","reference_id":"HT214057","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://support.apple.com/kb/HT214057"},{"reference_url":"https://support.apple.com/kb/HT214058","reference_id":"HT214058","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://support.apple.com/kb/HT214058"},{"reference_url":"https://support.apple.com/kb/HT214063","reference_id":"HT214063","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://support.apple.com/kb/HT214063"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/","reference_id":"M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KGKB2JNZVT276JYSKI6FV2VFJUGDOJ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231013-0005/","reference_id":"ntap-20231013-0005","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231013-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7625","reference_id":"RHSA-2023:7625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7626","reference_id":"RHSA-2023:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7626"},{"reference_url":"https://www.insyde.com/security-pledge/SA-2023064","reference_id":"SA-2023064","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://www.insyde.com/security-pledge/SA-2023064"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/","reference_id":"TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T19:17:43Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEAWTYHC3RT6ZRS5OZRHLAIENVN6CCIS/"},{"reference_url":"https://usn.ubuntu.com/6363-1/","reference_id":"USN-6363-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6363-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376450?format=json","purl":"pkg:generic/curl.se/curl@8.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.3.0"}],"aliases":["CVE-2023-38039"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5stq-jajr-57hv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54427?format=json","vulnerability_id":"VCID-689c-z62z-ukc7","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0167","reference_id":"","reference_type":"","scores":[{"value":"0.00331","scoring_system":"epss","scoring_elements":"0.56267","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0167"},{"reference_url":"https://curl.se/docs/CVE-2025-0167.html","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/"}],"url":"https://curl.se/docs/CVE-2025-0167.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2917232","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/"}],"url":"https://hackerone.com/reports/2917232"},{"reference_url":"https://curl.se/docs/CVE-2025-0167.json","reference_id":"CVE-2025-0167.json","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T15:52:41Z/"}],"url":"https://curl.se/docs/CVE-2025-0167.json"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376463?format=json","purl":"pkg:generic/curl.se/curl@8.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-g6cd-5nuc-73bx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-ncpq-4ws5-eyh2"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zssk-1ump-a3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.12.0"}],"aliases":["CVE-2025-0167"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-689c-z62z-ukc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39434?format=json","vulnerability_id":"VCID-71rt-1h3a-jkcm","summary":"curl: HSTS amnesia with --parallel","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23915.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23915.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23915","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11969","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23915"},{"reference_url":"https://curl.se/docs/CVE-2023-23915.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-23915.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1814333","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1814333"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371","reference_id":"1031371","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167813","reference_id":"2167813","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167813"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:46:29Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230309-0006/","reference_id":"ntap-20230309-0006","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:46:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230309-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://usn.ubuntu.com/5891-1/","reference_id":"USN-5891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376441?format=json","purl":"pkg:generic/curl.se/curl@7.88.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-mse9-j9av-t7bh"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.88.0"}],"aliases":["CVE-2023-23915"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-71rt-1h3a-jkcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5978?format=json","vulnerability_id":"VCID-777y-dgxh-kba5","summary":"curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5773","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0549","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5773"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461201","reference_id":"2461201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461201"},{"reference_url":"https://hackerone.com/reports/3650689","reference_id":"3650689","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/"}],"url":"https://hackerone.com/reports/3650689"},{"reference_url":"https://curl.se/docs/CVE-2026-5773.html","reference_id":"CVE-2026-5773.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/"}],"url":"https://curl.se/docs/CVE-2026-5773.html"},{"reference_url":"https://curl.se/docs/CVE-2026-5773.json","reference_id":"CVE-2026-5773.json","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:45:00Z/"}],"url":"https://curl.se/docs/CVE-2026-5773.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376473?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-5773"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-777y-dgxh-kba5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38508?format=json","vulnerability_id":"VCID-7wd8-zrdf-gkc6","summary":"curl: more POST-after-PUT confusion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28322.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28322","reference_id":"","reference_type":"","scores":[{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.7063","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28322"},{"reference_url":"https://curl.se/docs/CVE-2023-28322.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-28322.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28322"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1954658","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://hackerone.com/reports/1954658"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239","reference_id":"1036239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196793","reference_id":"2196793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196793"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/47","reference_id":"47","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/48","reference_id":"48","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/52","reference_id":"52","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/","reference_id":"F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213843","reference_id":"HT213843","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://support.apple.com/kb/HT213843"},{"reference_url":"https://support.apple.com/kb/HT213844","reference_id":"HT213844","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://support.apple.com/kb/HT213844"},{"reference_url":"https://support.apple.com/kb/HT213845","reference_id":"HT213845","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://support.apple.com/kb/HT213845"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html","reference_id":"msg00015.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0009/","reference_id":"ntap-20230609-0009","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4354","reference_id":"RHSA-2023:4354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4629","reference_id":"RHSA-2023:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5598","reference_id":"RHSA-2023:5598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0585","reference_id":"RHSA-2024:0585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1601","reference_id":"RHSA-2024:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2092","reference_id":"RHSA-2024:2092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2093","reference_id":"RHSA-2024:2093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2093"},{"reference_url":"https://usn.ubuntu.com/6237-1/","reference_id":"USN-6237-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6237-1/"},{"reference_url":"https://usn.ubuntu.com/6237-3/","reference_id":"USN-6237-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6237-3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/","reference_id":"Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T19:43:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376445?format=json","purl":"pkg:generic/curl.se/curl@8.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0"}],"aliases":["CVE-2023-28322"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7wd8-zrdf-gkc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40218?format=json","vulnerability_id":"VCID-84u3-ynnu-7kct","summary":"curl: Use-after-free triggered by an HTTP proxy deny response","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43552","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27961","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43552"},{"reference_url":"https://curl.se/docs/CVE-2022-43552.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-43552.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1764858","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"https://hackerone.com/reports/1764858"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830","reference_id":"1026830","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026830"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Mar/17","reference_id":"17","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Mar/17"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2152652","reference_id":"2152652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2152652"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213670","reference_id":"HT213670","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"https://support.apple.com/kb/HT213670"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230214-0002/","reference_id":"ntap-20230214-0002","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T14:27:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230214-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2478","reference_id":"RHSA-2023:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2963","reference_id":"RHSA-2023:2963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7743","reference_id":"RHSA-2023:7743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://usn.ubuntu.com/5788-1/","reference_id":"USN-5788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5788-1/"},{"reference_url":"https://usn.ubuntu.com/5894-1/","reference_id":"USN-5894-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5894-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376440?format=json","purl":"pkg:generic/curl.se/curl@7.87.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-71rt-1h3a-jkcm"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-nmwe-9bw8-2ud1"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-v13d-ffaa-hyd9"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.87.0"}],"aliases":["CVE-2022-43552"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84u3-ynnu-7kct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5977?format=json","vulnerability_id":"VCID-8f6k-xr87-uqfz","summary":"curl: curl: Information disclosure due to incorrect TLS connection reuse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4873","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02632","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4873"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461200","reference_id":"2461200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461200"},{"reference_url":"https://hackerone.com/reports/3621851","reference_id":"3621851","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/"}],"url":"https://hackerone.com/reports/3621851"},{"reference_url":"https://curl.se/docs/CVE-2026-4873.html","reference_id":"CVE-2026-4873.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/"}],"url":"https://curl.se/docs/CVE-2026-4873.html"},{"reference_url":"https://curl.se/docs/CVE-2026-4873.json","reference_id":"CVE-2026-4873.json","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T19:29:14Z/"}],"url":"https://curl.se/docs/CVE-2026-4873.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376473?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-4873"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8f6k-xr87-uqfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/29276?format=json","vulnerability_id":"VCID-8k4c-jcmk-xkdc","summary":"curl: OCSP stapling bypass with GnuTLS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8096","reference_id":"","reference_type":"","scores":[{"value":"0.00559","scoring_system":"epss","scoring_elements":"0.68546","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8096"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310519","reference_id":"2310519","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310519"},{"reference_url":"https://hackerone.com/reports/2669852","reference_id":"2669852","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://hackerone.com/reports/2669852"},{"reference_url":"https://curl.se/docs/CVE-2024-8096.html","reference_id":"CVE-2024-8096.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://curl.se/docs/CVE-2024-8096.html"},{"reference_url":"https://curl.se/docs/CVE-2024-8096.json","reference_id":"CVE-2024-8096.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://curl.se/docs/CVE-2024-8096.json"},{"reference_url":"https://usn.ubuntu.com/7012-1/","reference_id":"USN-7012-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7012-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376459?format=json","purl":"pkg:generic/curl.se/curl@8.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-g6cd-5nuc-73bx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zssk-1ump-a3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.10.0"}],"aliases":["CVE-2024-8096"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8k4c-jcmk-xkdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36936?format=json","vulnerability_id":"VCID-97n5-5pa2-rqhz","summary":"curl: cookie injection with none file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38546.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38546","reference_id":"","reference_type":"","scores":[{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.63492","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2148242","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/2148242"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241938","reference_id":"2241938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241938"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/34","reference_id":"34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/34"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/37","reference_id":"37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/37"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/38","reference_id":"38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/38"},{"reference_url":"https://security.archlinux.org/AVG-2845","reference_id":"AVG-2845","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2845"},{"reference_url":"https://security.archlinux.org/AVG-2846","reference_id":"AVG-2846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2846"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38546","reference_id":"CVE-2023-38546","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38546"},{"reference_url":"https://curl.se/docs/CVE-2023-38546.html","reference_id":"CVE-2023-38546.HTML","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://curl.se/docs/CVE-2023-38546.html"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT214036","reference_id":"HT214036","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://support.apple.com/kb/HT214036"},{"reference_url":"https://support.apple.com/kb/HT214057","reference_id":"HT214057","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://support.apple.com/kb/HT214057"},{"reference_url":"https://support.apple.com/kb/HT214058","reference_id":"HT214058","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://support.apple.com/kb/HT214058"},{"reference_url":"https://support.apple.com/kb/HT214063","reference_id":"HT214063","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://support.apple.com/kb/HT214063"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/","reference_id":"OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5700","reference_id":"RHSA-2023:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5763","reference_id":"RHSA-2023:5763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6292","reference_id":"RHSA-2023:6292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6745","reference_id":"RHSA-2023:6745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7540","reference_id":"RHSA-2023:7540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7625","reference_id":"RHSA-2023:7625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7626","reference_id":"RHSA-2023:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1601","reference_id":"RHSA-2024:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2092","reference_id":"RHSA-2024:2092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2093","reference_id":"RHSA-2024:2093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2101","reference_id":"RHSA-2024:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2101"},{"reference_url":"https://usn.ubuntu.com/6429-1/","reference_id":"USN-6429-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6429-1/"},{"reference_url":"https://usn.ubuntu.com/6429-2/","reference_id":"USN-6429-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6429-2/"},{"reference_url":"https://usn.ubuntu.com/6429-3/","reference_id":"USN-6429-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6429-3/"},{"reference_url":"https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868","reference_id":"viewtopic.php?f=8&t=8868","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T15:01:53Z/"}],"url":"https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376451?format=json","purl":"pkg:generic/curl.se/curl@8.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.4.0"}],"aliases":["CVE-2023-38546"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-97n5-5pa2-rqhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12172?format=json","vulnerability_id":"VCID-9mnp-4p5a-ybcn","summary":"curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14017","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00206","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14017"},{"reference_url":"https://curl.se/docs/CVE-2025-14017.html","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/"}],"url":"https://curl.se/docs/CVE-2025-14017.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427870","reference_id":"2427870","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427870"},{"reference_url":"https://curl.se/docs/CVE-2025-14017.json","reference_id":"CVE-2025-14017.json","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/"}],"url":"https://curl.se/docs/CVE-2025-14017.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"},{"reference_url":"https://usn.ubuntu.com/8062-2/","reference_id":"USN-8062-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376471?format=json","purl":"pkg:generic/curl.se/curl@8.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5q7e-maen-9kes"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-fdqn-e8uu-j3hx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0"}],"aliases":["CVE-2025-14017"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mnp-4p5a-ybcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8130?format=json","vulnerability_id":"VCID-ab48-azj9-p3hq","summary":"curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1965","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22163","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1965"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446448","reference_id":"2446448","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446448"},{"reference_url":"https://curl.se/docs/CVE-2026-1965.html","reference_id":"CVE-2026-1965.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/"}],"url":"https://curl.se/docs/CVE-2026-1965.html"},{"reference_url":"https://curl.se/docs/CVE-2026-1965.json","reference_id":"CVE-2026-1965.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/"}],"url":"https://curl.se/docs/CVE-2026-1965.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376472?format=json","purl":"pkg:generic/curl.se/curl@8.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-5q7e-maen-9kes"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0"}],"aliases":["CVE-2026-1965"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ab48-azj9-p3hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36362?format=json","vulnerability_id":"VCID-adkw-dnqu-6ffy","summary":"curl: information disclosure by exploiting a mixed case flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46218.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46218","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44526","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46218"},{"reference_url":"https://curl.se/docs/CVE-2023-46218.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/"}],"url":"https://curl.se/docs/CVE-2023-46218.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46218"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2212193","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/"}],"url":"https://hackerone.com/reports/2212193"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646","reference_id":"1057646","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057646"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252030","reference_id":"2252030","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252030"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/","reference_id":"3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5587","reference_id":"dsa-5587","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/"}],"url":"https://www.debian.org/security/2023/dsa-5587"},{"reference_url":"https://security.gentoo.org/glsa/202409-20","reference_id":"GLSA-202409-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-20"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html","reference_id":"msg00015.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240125-0007/","reference_id":"ntap-20240125-0007","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240125-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0434","reference_id":"RHSA-2024:0434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0452","reference_id":"RHSA-2024:0452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0585","reference_id":"RHSA-2024:0585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1129","reference_id":"RHSA-2024:1129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1316","reference_id":"RHSA-2024:1316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1317","reference_id":"RHSA-2024:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1601","reference_id":"RHSA-2024:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2092","reference_id":"RHSA-2024:2092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2093","reference_id":"RHSA-2024:2093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2094","reference_id":"RHSA-2024:2094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2094"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/","reference_id":"UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T16:38:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/"},{"reference_url":"https://usn.ubuntu.com/6535-1/","reference_id":"USN-6535-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6535-1/"},{"reference_url":"https://usn.ubuntu.com/6641-1/","reference_id":"USN-6641-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6641-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376452?format=json","purl":"pkg:generic/curl.se/curl@8.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-mgx1-3ku7-sffc"},{"vulnerability":"VCID-mz1c-c4b2-j7gy"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.5.0"}],"aliases":["CVE-2023-46218"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-adkw-dnqu-6ffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25979?format=json","vulnerability_id":"VCID-c7r3-5s6m-5ua1","summary":"libcurl: Buffer Overflow in libcurl via zlib Integer Overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0725","reference_id":"","reference_type":"","scores":[{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69765","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0725"},{"reference_url":"https://curl.se/docs/CVE-2025-0725.html","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://curl.se/docs/CVE-2025-0725.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2956023","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://hackerone.com/reports/2956023"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343899","reference_id":"2343899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343899"},{"reference_url":"https://curl.se/docs/CVE-2025-0725.json","reference_id":"CVE-2025-0725.json","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://curl.se/docs/CVE-2025-0725.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376463?format=json","purl":"pkg:generic/curl.se/curl@8.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-g6cd-5nuc-73bx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-ncpq-4ws5-eyh2"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zssk-1ump-a3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.12.0"}],"aliases":["CVE-2025-0725"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c7r3-5s6m-5ua1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40785?format=json","vulnerability_id":"VCID-e1rm-18vc-rkc2","summary":"curl: HSTS bypass via IDN","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42916.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42916","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15169","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42916"},{"reference_url":"https://curl.se/docs/CVE-2022-42916.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://curl.se/docs/CVE-2022-42916.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42916"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1730660","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1730660"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/12/21/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/12/21/1"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/19","reference_id":"19","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/19"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/20","reference_id":"20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135416","reference_id":"2135416","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135416"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/","reference_id":"37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213604","reference_id":"HT213604","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://support.apple.com/kb/HT213604"},{"reference_url":"https://support.apple.com/kb/HT213605","reference_id":"HT213605","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://support.apple.com/kb/HT213605"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/","reference_id":"HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221209-0010/","reference_id":"ntap-20221209-0010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221209-0010/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/","reference_id":"Q27V5YYMXUVI6PRZQVECON32XPVWTKDK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5702-1/","reference_id":"USN-5702-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5702-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376439?format=json","purl":"pkg:generic/curl.se/curl@7.86.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-71rt-1h3a-jkcm"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-84u3-ynnu-7kct"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-frj4-zf2v-87g2"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-nmwe-9bw8-2ud1"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-v13d-ffaa-hyd9"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0"}],"aliases":["CVE-2022-42916"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e1rm-18vc-rkc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39119?format=json","vulnerability_id":"VCID-eh7z-2y2q-efbc","summary":"curl: FTP too eager connection reuse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27535.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27535","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11251","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27535"},{"reference_url":"https://curl.se/docs/CVE-2023-27535.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27535.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27535"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1892780","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://hackerone.com/reports/1892780"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179073","reference_id":"2179073","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179073"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27535","reference_id":"CVE-2023-27535","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27535"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230420-0010/","reference_id":"ntap-20230420-0010","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:24:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230420-0010/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2650","reference_id":"RHSA-2023:2650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3106","reference_id":"RHSA-2023:3106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"},{"reference_url":"https://usn.ubuntu.com/5964-2/","reference_id":"USN-5964-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376443?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27535"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eh7z-2y2q-efbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34179?format=json","vulnerability_id":"VCID-ehmp-5g2e-eqfk","summary":"curl: HTTP/2 push headers memory-leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2398","reference_id":"","reference_type":"","scores":[{"value":"0.02015","scoring_system":"epss","scoring_elements":"0.84019","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/18","reference_id":"18","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/18"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/19","reference_id":"19","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/19"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/20","reference_id":"20","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270498","reference_id":"2270498","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270498"},{"reference_url":"https://hackerone.com/reports/2402845","reference_id":"2402845","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://hackerone.com/reports/2402845"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/","reference_id":"2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/27/3","reference_id":"3","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/27/3"},{"reference_url":"https://curl.se/docs/CVE-2024-2398.html","reference_id":"CVE-2024-2398.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://curl.se/docs/CVE-2024-2398.html"},{"reference_url":"https://curl.se/docs/CVE-2024-2398.json","reference_id":"CVE-2024-2398.json","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://curl.se/docs/CVE-2024-2398.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-20","reference_id":"GLSA-202409-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-20"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/","reference_id":"GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"},{"reference_url":"https://support.apple.com/kb/HT214118","reference_id":"HT214118","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://support.apple.com/kb/HT214118"},{"reference_url":"https://support.apple.com/kb/HT214119","reference_id":"HT214119","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://support.apple.com/kb/HT214119"},{"reference_url":"https://support.apple.com/kb/HT214120","reference_id":"HT214120","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://support.apple.com/kb/HT214120"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240503-0009/","reference_id":"ntap-20240503-0009","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T18:57:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240503-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10135","reference_id":"RHSA-2024:10135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11109","reference_id":"RHSA-2024:11109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2693","reference_id":"RHSA-2024:2693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2694","reference_id":"RHSA-2024:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3998","reference_id":"RHSA-2024:3998","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3998"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5529","reference_id":"RHSA-2024:5529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5654","reference_id":"RHSA-2024:5654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7213","reference_id":"RHSA-2024:7213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7374","reference_id":"RHSA-2024:7374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7374"},{"reference_url":"https://usn.ubuntu.com/6718-1/","reference_id":"USN-6718-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6718-1/"},{"reference_url":"https://usn.ubuntu.com/6718-2/","reference_id":"USN-6718-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6718-2/"},{"reference_url":"https://usn.ubuntu.com/6718-3/","reference_id":"USN-6718-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6718-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376454?format=json","purl":"pkg:generic/curl.se/curl@8.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-e5g7-wsrp-ybfh"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.7.0"}],"aliases":["CVE-2024-2398"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehmp-5g2e-eqfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40216?format=json","vulnerability_id":"VCID-frj4-zf2v-87g2","summary":"curl: HSTS bypass via IDN","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43551.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43551.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43551","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15613","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43551"},{"reference_url":"https://curl.se/docs/CVE-2022-43551.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-43551.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43551"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1755083","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/"}],"url":"https://hackerone.com/reports/1755083"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026829","reference_id":"1026829","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026829"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2152639","reference_id":"2152639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2152639"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0007/","reference_id":"ntap-20230427-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/","reference_id":"TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/"},{"reference_url":"https://usn.ubuntu.com/5788-1/","reference_id":"USN-5788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376440?format=json","purl":"pkg:generic/curl.se/curl@7.87.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-71rt-1h3a-jkcm"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-nmwe-9bw8-2ud1"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-v13d-ffaa-hyd9"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.87.0"}],"aliases":["CVE-2022-43551"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frj4-zf2v-87g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5982?format=json","vulnerability_id":"VCID-guzm-25ur-qkgz","summary":"curl: libcurl: Credential leak via reused proxy connection during HTTP redirects","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6429","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0622","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6429"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6429","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6429"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461205","reference_id":"2461205","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461205"},{"reference_url":"https://hackerone.com/reports/3677759","reference_id":"3677759","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/"}],"url":"https://hackerone.com/reports/3677759"},{"reference_url":"https://curl.se/docs/CVE-2026-6429.html","reference_id":"CVE-2026-6429.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/"}],"url":"https://curl.se/docs/CVE-2026-6429.html"},{"reference_url":"https://curl.se/docs/CVE-2026-6429.json","reference_id":"CVE-2026-6429.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T14:03:52Z/"}],"url":"https://curl.se/docs/CVE-2026-6429.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376473?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-6429"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-guzm-25ur-qkgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39126?format=json","vulnerability_id":"VCID-k232-kks1-hygq","summary":"curl: SSH connection too eager reuse still","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27538.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27538","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01704","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27538"},{"reference_url":"https://curl.se/docs/CVE-2023-27538.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27538.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1898475","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/"}],"url":"https://hackerone.com/reports/1898475"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179103","reference_id":"2179103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179103"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27538","reference_id":"CVE-2023-27538","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27538"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230420-0010/","reference_id":"ntap-20230420-0010","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:52:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230420-0010/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6679","reference_id":"RHSA-2023:6679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6679"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376443?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27538"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k232-kks1-hygq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5044?format=json","vulnerability_id":"VCID-k93r-eqgb-fqgq","summary":"curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7168.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7168.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7168","reference_id":"","reference_type":"","scores":[{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23395","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7168"},{"reference_url":"https://curl.se/docs/CVE-2026-7168.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-7168.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7168","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7168"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3697719","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3697719"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476979","reference_id":"2476979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19106","reference_id":"RHSA-2026:19106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19106"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376473?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-7168"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k93r-eqgb-fqgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30094?format=json","vulnerability_id":"VCID-kmd7-ntaa-ffcv","summary":"curl: libcurl: ASN.1 date parser overread","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7264.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7264","reference_id":"","reference_type":"","scores":[{"value":"0.00796","scoring_system":"epss","scoring_elements":"0.74283","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7264"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/1","reference_id":"1","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656","reference_id":"1077656","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077656"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301888","reference_id":"2301888","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2301888"},{"reference_url":"https://hackerone.com/reports/2629968","reference_id":"2629968","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/"}],"url":"https://hackerone.com/reports/2629968"},{"reference_url":"https://curl.se/docs/CVE-2024-7264.html","reference_id":"CVE-2024-7264.html","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/"}],"url":"https://curl.se/docs/CVE-2024-7264.html"},{"reference_url":"https://curl.se/docs/CVE-2024-7264.json","reference_id":"CVE-2024-7264.json","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T20:05:41Z/"}],"url":"https://curl.se/docs/CVE-2024-7264.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7726","reference_id":"RHSA-2024:7726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1671","reference_id":"RHSA-2025:1671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1673","reference_id":"RHSA-2025:1673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1673"},{"reference_url":"https://usn.ubuntu.com/6944-1/","reference_id":"USN-6944-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6944-1/"},{"reference_url":"https://usn.ubuntu.com/6944-2/","reference_id":"USN-6944-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6944-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376458?format=json","purl":"pkg:generic/curl.se/curl@8.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-g6cd-5nuc-73bx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zssk-1ump-a3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.9.1"}],"aliases":["CVE-2024-7264"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kmd7-ntaa-ffcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5980?format=json","vulnerability_id":"VCID-ku14-1pmr-pbbd","summary":"curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6276.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6276.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6276","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02096","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6276"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461203","reference_id":"2461203","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461203"},{"reference_url":"https://hackerone.com/reports/3671818","reference_id":"3671818","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:24:29Z/"}],"url":"https://hackerone.com/reports/3671818"},{"reference_url":"https://curl.se/docs/CVE-2026-6276.html","reference_id":"CVE-2026-6276.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:24:29Z/"}],"url":"https://curl.se/docs/CVE-2026-6276.html"},{"reference_url":"https://curl.se/docs/CVE-2026-6276.json","reference_id":"CVE-2026-6276.json","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:24:29Z/"}],"url":"https://curl.se/docs/CVE-2026-6276.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376473?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-6276"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ku14-1pmr-pbbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38502?format=json","vulnerability_id":"VCID-nhst-thye-guh2","summary":"curl: use after free in SSH sha256 fingerprint check","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28319.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28319.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28319","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55314","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28319"},{"reference_url":"https://curl.se/docs/CVE-2023-28319.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-28319.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1913733","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"https://hackerone.com/reports/1913733"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239","reference_id":"1036239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196778","reference_id":"2196778","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196778"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/47","reference_id":"47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/48","reference_id":"48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/52","reference_id":"52","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213843","reference_id":"HT213843","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"https://support.apple.com/kb/HT213843"},{"reference_url":"https://support.apple.com/kb/HT213844","reference_id":"HT213844","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"https://support.apple.com/kb/HT213844"},{"reference_url":"https://support.apple.com/kb/HT213845","reference_id":"HT213845","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"https://support.apple.com/kb/HT213845"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0009/","reference_id":"ntap-20230609-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:59:44Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4629","reference_id":"RHSA-2023:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4629"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376445?format=json","purl":"pkg:generic/curl.se/curl@8.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0"}],"aliases":["CVE-2023-28319"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nhst-thye-guh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39433?format=json","vulnerability_id":"VCID-nmwe-9bw8-2ud1","summary":"curl: HSTS ignored on multiple requests","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23914.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23914.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23914","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29202","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23914"},{"reference_url":"https://curl.se/docs/CVE-2023-23914.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-23914.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1813864","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/"}],"url":"https://hackerone.com/reports/1813864"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371","reference_id":"1031371","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167797","reference_id":"2167797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167797"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230309-0006/","reference_id":"ntap-20230309-0006","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230309-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://usn.ubuntu.com/5891-1/","reference_id":"USN-5891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376441?format=json","purl":"pkg:generic/curl.se/curl@7.88.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-mse9-j9av-t7bh"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.88.0"}],"aliases":["CVE-2023-23914"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmwe-9bw8-2ud1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38505?format=json","vulnerability_id":"VCID-ptdk-wtvg-zkaw","summary":"curl: IDN wildcard match may lead to Improper Cerificate Validation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28321.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28321","reference_id":"","reference_type":"","scores":[{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53255","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28321"},{"reference_url":"https://curl.se/docs/CVE-2023-28321.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-28321.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28321"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1950627","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://hackerone.com/reports/1950627"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239","reference_id":"1036239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196786","reference_id":"2196786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196786"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/47","reference_id":"47","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/48","reference_id":"48","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/52","reference_id":"52","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/","reference_id":"F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213843","reference_id":"HT213843","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://support.apple.com/kb/HT213843"},{"reference_url":"https://support.apple.com/kb/HT213844","reference_id":"HT213844","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://support.apple.com/kb/HT213844"},{"reference_url":"https://support.apple.com/kb/HT213845","reference_id":"HT213845","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://support.apple.com/kb/HT213845"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html","reference_id":"msg00016.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0009/","reference_id":"ntap-20230609-0009","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4354","reference_id":"RHSA-2023:4354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4523","reference_id":"RHSA-2023:4523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4629","reference_id":"RHSA-2023:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5598","reference_id":"RHSA-2023:5598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6292","reference_id":"RHSA-2023:6292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6292"},{"reference_url":"https://usn.ubuntu.com/6237-1/","reference_id":"USN-6237-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6237-1/"},{"reference_url":"https://usn.ubuntu.com/6237-3/","reference_id":"USN-6237-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6237-3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/","reference_id":"Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:54:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376445?format=json","purl":"pkg:generic/curl.se/curl@8.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0"}],"aliases":["CVE-2023-28321"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ptdk-wtvg-zkaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5981?format=json","vulnerability_id":"VCID-qax6-9qcb-6yah","summary":"curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5545","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11312","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5545"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461204","reference_id":"2461204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461204"},{"reference_url":"https://hackerone.com/reports/3642555","reference_id":"3642555","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/"}],"url":"https://hackerone.com/reports/3642555"},{"reference_url":"https://curl.se/docs/CVE-2026-5545.html","reference_id":"CVE-2026-5545.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/"}],"url":"https://curl.se/docs/CVE-2026-5545.html"},{"reference_url":"https://curl.se/docs/CVE-2026-5545.json","reference_id":"CVE-2026-5545.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T17:46:36Z/"}],"url":"https://curl.se/docs/CVE-2026-5545.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376473?format=json","purl":"pkg:generic/curl.se/curl@8.20.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.20.0"}],"aliases":["CVE-2026-5545"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qax6-9qcb-6yah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38504?format=json","vulnerability_id":"VCID-qqyy-ejjy-zugp","summary":"curl: siglongjmp race condition may lead to crash","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28320","reference_id":"","reference_type":"","scores":[{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70928","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28320"},{"reference_url":"https://curl.se/docs/CVE-2023-28320.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-28320.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1929597","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://hackerone.com/reports/1929597"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239","reference_id":"1036239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196783","reference_id":"2196783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196783"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/47","reference_id":"47","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/48","reference_id":"48","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/52","reference_id":"52","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213843","reference_id":"HT213843","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213843"},{"reference_url":"https://support.apple.com/kb/HT213844","reference_id":"HT213844","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213844"},{"reference_url":"https://support.apple.com/kb/HT213845","reference_id":"HT213845","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213845"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0009/","reference_id":"ntap-20230609-0009","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0009/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376445?format=json","purl":"pkg:generic/curl.se/curl@8.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.1.0"}],"aliases":["CVE-2023-28320"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqyy-ejjy-zugp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12266?format=json","vulnerability_id":"VCID-qteb-88n4-5ka7","summary":"curl: libssh key passphrase bypass without agent set","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15224.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15224.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15224","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2694","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15224"},{"reference_url":"https://curl.se/docs/CVE-2025-15224.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/"}],"url":"https://curl.se/docs/CVE-2025-15224.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15224"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3480925","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/"}],"url":"https://hackerone.com/reports/3480925"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426410","reference_id":"2426410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426410"},{"reference_url":"https://curl.se/docs/CVE-2025-15224.json","reference_id":"CVE-2025-15224.json","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/"}],"url":"https://curl.se/docs/CVE-2025-15224.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"},{"reference_url":"https://usn.ubuntu.com/8062-2/","reference_id":"USN-8062-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376471?format=json","purl":"pkg:generic/curl.se/curl@8.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5q7e-maen-9kes"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-fdqn-e8uu-j3hx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0"}],"aliases":["CVE-2025-15224"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qteb-88n4-5ka7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27328?format=json","vulnerability_id":"VCID-r1c8-6w99-kqgc","summary":"curl: curl netrc password leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11053.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11053","reference_id":"","reference_type":"","scores":[{"value":"0.01399","scoring_system":"epss","scoring_elements":"0.80721","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11053"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089682","reference_id":"1089682","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089682"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2331191","reference_id":"2331191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2331191"},{"reference_url":"https://hackerone.com/reports/2829063","reference_id":"2829063","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/"}],"url":"https://hackerone.com/reports/2829063"},{"reference_url":"https://curl.se/docs/CVE-2024-11053.html","reference_id":"CVE-2024-11053.html","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/"}],"url":"https://curl.se/docs/CVE-2024-11053.html"},{"reference_url":"https://curl.se/docs/CVE-2024-11053.json","reference_id":"CVE-2024-11053.json","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/"}],"url":"https://curl.se/docs/CVE-2024-11053.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1671","reference_id":"RHSA-2025:1671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1673","reference_id":"RHSA-2025:1673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1673"},{"reference_url":"https://usn.ubuntu.com/7162-1/","reference_id":"USN-7162-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7162-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376462?format=json","purl":"pkg:generic/curl.se/curl@8.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-3c1c-2n4r-uyag"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-g6cd-5nuc-73bx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-ncpq-4ws5-eyh2"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zssk-1ump-a3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.11.1"}],"aliases":["CVE-2024-11053"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r1c8-6w99-kqgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12265?format=json","vulnerability_id":"VCID-r4re-xx26-2kgm","summary":"curl: Host verification bypass during SSH transfers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15079.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15079.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15079","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14927","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15079"},{"reference_url":"https://curl.se/docs/CVE-2025-15079.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/"}],"url":"https://curl.se/docs/CVE-2025-15079.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3477116","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/"}],"url":"https://hackerone.com/reports/3477116"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426409","reference_id":"2426409","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426409"},{"reference_url":"https://curl.se/docs/CVE-2025-15079.json","reference_id":"CVE-2025-15079.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/"}],"url":"https://curl.se/docs/CVE-2025-15079.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"},{"reference_url":"https://usn.ubuntu.com/8062-2/","reference_id":"USN-8062-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376471?format=json","purl":"pkg:generic/curl.se/curl@8.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5q7e-maen-9kes"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-fdqn-e8uu-j3hx"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.18.0"}],"aliases":["CVE-2025-15079"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4re-xx26-2kgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36935?format=json","vulnerability_id":"VCID-sd8m-enmc-muhn","summary":"curl: heap based buffer overflow in the SOCKS5 proxy handshake","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38545.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38545","reference_id":"","reference_type":"","scores":[{"value":"0.26747","scoring_system":"epss","scoring_elements":"0.96434","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2187833","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/2187833"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241933","reference_id":"2241933","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241933"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/34","reference_id":"34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/34"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/37","reference_id":"37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/37"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jan/38","reference_id":"38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jan/38"},{"reference_url":"https://security.archlinux.org/AVG-2845","reference_id":"AVG-2845","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2845"},{"reference_url":"https://security.archlinux.org/AVG-2846","reference_id":"AVG-2846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2846"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38545","reference_id":"CVE-2023-38545","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38545"},{"reference_url":"https://curl.se/docs/CVE-2023-38545.html","reference_id":"CVE-2023-38545.HTML","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"High","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://curl.se/docs/CVE-2023-38545.html"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://www.secpod.com/blog/high-severity-heap-buffer-overflow-vulnerability/","reference_id":"high-severity-heap-buffer-overflow-vulnerability","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://www.secpod.com/blog/high-severity-heap-buffer-overflow-vulnerability/"},{"reference_url":"https://support.apple.com/kb/HT214036","reference_id":"HT214036","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://support.apple.com/kb/HT214036"},{"reference_url":"https://support.apple.com/kb/HT214057","reference_id":"HT214057","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://support.apple.com/kb/HT214057"},{"reference_url":"https://support.apple.com/kb/HT214058","reference_id":"HT214058","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://support.apple.com/kb/HT214058"},{"reference_url":"https://support.apple.com/kb/HT214063","reference_id":"HT214063","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://support.apple.com/kb/HT214063"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231027-0009/","reference_id":"ntap-20231027-0009","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231027-0009/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0005/","reference_id":"ntap-20240201-0005","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0005/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/","reference_id":"OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGMXNRNSJ4ETDK6FRNU3J7SABXPWCHSQ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5700","reference_id":"RHSA-2023:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5763","reference_id":"RHSA-2023:5763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6745","reference_id":"RHSA-2023:6745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7625","reference_id":"RHSA-2023:7625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7626","reference_id":"RHSA-2023:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0797","reference_id":"RHSA-2024:0797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2011","reference_id":"RHSA-2024:2011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2011"},{"reference_url":"https://usn.ubuntu.com/6429-1/","reference_id":"USN-6429-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6429-1/"},{"reference_url":"https://usn.ubuntu.com/6429-3/","reference_id":"USN-6429-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6429-3/"},{"reference_url":"https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868","reference_id":"viewtopic.php?f=8&t=8868","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-17T21:11:03Z/"}],"url":"https://forum.vmssoftware.com/viewtopic.php?f=8&t=8868"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376451?format=json","purl":"pkg:generic/curl.se/curl@8.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.4.0"}],"aliases":["CVE-2023-38545"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sd8m-enmc-muhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40784?format=json","vulnerability_id":"VCID-srgc-rxj3-6ydd","summary":"curl: HTTP proxy double-free","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42915.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42915.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42915","reference_id":"","reference_type":"","scores":[{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64716","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42915"},{"reference_url":"https://curl.se/docs/CVE-2022-42915.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"https://curl.se/docs/CVE-2022-42915.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1722065","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1722065"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/19","reference_id":"19","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/19"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/20","reference_id":"20","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135413","reference_id":"2135413","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135413"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/","reference_id":"37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213604","reference_id":"HT213604","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"https://support.apple.com/kb/HT213604"},{"reference_url":"https://support.apple.com/kb/HT213605","reference_id":"HT213605","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"https://support.apple.com/kb/HT213605"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/","reference_id":"HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221209-0010/","reference_id":"ntap-20221209-0010","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221209-0010/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/","reference_id":"Q27V5YYMXUVI6PRZQVECON32XPVWTKDK","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T13:58:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5702-1/","reference_id":"USN-5702-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5702-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376439?format=json","purl":"pkg:generic/curl.se/curl@7.86.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-71rt-1h3a-jkcm"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-84u3-ynnu-7kct"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-frj4-zf2v-87g2"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-nmwe-9bw8-2ud1"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-v13d-ffaa-hyd9"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0"}],"aliases":["CVE-2022-42915"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-srgc-rxj3-6ydd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8127?format=json","vulnerability_id":"VCID-ss8u-8s2v-dkf4","summary":"curl: curl: Unauthorized access due to improper HTTP proxy connection reuse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3784","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06899","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3784"},{"reference_url":"https://curl.se/docs/CVE-2026-3784.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://curl.se/docs/CVE-2026-3784.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3584903","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://hackerone.com/reports/3584903"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446449","reference_id":"2446449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446449"},{"reference_url":"https://curl.se/docs/CVE-2026-3784.json","reference_id":"CVE-2026-3784.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://curl.se/docs/CVE-2026-3784.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376472?format=json","purl":"pkg:generic/curl.se/curl@8.19.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-5q7e-maen-9kes"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.19.0"}],"aliases":["CVE-2026-3784"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ss8u-8s2v-dkf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39117?format=json","vulnerability_id":"VCID-tzhd-pvxj-gqfy","summary":"curl: SFTP path ~ resolving discrepancy","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27534.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27534","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20088","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27534"},{"reference_url":"https://curl.se/docs/CVE-2023-27534.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27534.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27534"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1892351","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1892351"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179069","reference_id":"2179069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179069"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6679","reference_id":"RHSA-2023:6679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6679"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376443?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27534"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzhd-pvxj-gqfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34188?format=json","vulnerability_id":"VCID-ujr4-yect-subh","summary":"curl: Usage of disabled protocol","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2004","reference_id":"","reference_type":"","scores":[{"value":"0.0091","scoring_system":"epss","scoring_elements":"0.76152","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2004"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/27/1","reference_id":"1","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/27/1"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/18","reference_id":"18","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/18"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/19","reference_id":"19","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/19"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/20","reference_id":"20","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270500","reference_id":"2270500","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270500"},{"reference_url":"https://hackerone.com/reports/2384833","reference_id":"2384833","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://hackerone.com/reports/2384833"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/","reference_id":"2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D44YLAUFJU6BZ4XFG2FYV7SBKXB5IZ6/"},{"reference_url":"https://curl.se/docs/CVE-2024-2004.html","reference_id":"CVE-2024-2004.html","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://curl.se/docs/CVE-2024-2004.html"},{"reference_url":"https://curl.se/docs/CVE-2024-2004.json","reference_id":"CVE-2024-2004.json","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://curl.se/docs/CVE-2024-2004.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-20","reference_id":"GLSA-202409-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-20"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/","reference_id":"GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"},{"reference_url":"https://support.apple.com/kb/HT214118","reference_id":"HT214118","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://support.apple.com/kb/HT214118"},{"reference_url":"https://support.apple.com/kb/HT214119","reference_id":"HT214119","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://support.apple.com/kb/HT214119"},{"reference_url":"https://support.apple.com/kb/HT214120","reference_id":"HT214120","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://support.apple.com/kb/HT214120"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240524-0006/","reference_id":"ntap-20240524-0006","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:17:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240524-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2693","reference_id":"RHSA-2024:2693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2694","reference_id":"RHSA-2024:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2694"},{"reference_url":"https://usn.ubuntu.com/6718-1/","reference_id":"USN-6718-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6718-1/"},{"reference_url":"https://usn.ubuntu.com/6718-3/","reference_id":"USN-6718-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6718-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376454?format=json","purl":"pkg:generic/curl.se/curl@8.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-e5g7-wsrp-ybfh"},{"vulnerability":"VCID-eu8a-mzse-zfhy"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.7.0"}],"aliases":["CVE-2024-2004"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujr4-yect-subh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39435?format=json","vulnerability_id":"VCID-v13d-ffaa-hyd9","summary":"curl: HTTP multi-header compression denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23916.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23916","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20724","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23916"},{"reference_url":"https://curl.se/docs/CVE-2023-23916.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-23916.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1826048","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/"}],"url":"https://hackerone.com/reports/1826048"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371","reference_id":"1031371","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167815","reference_id":"2167815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167815"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/","reference_id":"BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5365","reference_id":"dsa-5365","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5365"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230309-0006/","reference_id":"ntap-20230309-0006","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T18:24:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230309-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1140","reference_id":"RHSA-2023:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1701","reference_id":"RHSA-2023:1701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1842","reference_id":"RHSA-2023:1842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3460","reference_id":"RHSA-2023:3460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4139","reference_id":"RHSA-2023:4139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4139"},{"reference_url":"https://usn.ubuntu.com/5891-1/","reference_id":"USN-5891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376441?format=json","purl":"pkg:generic/curl.se/curl@7.88.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-mse9-j9av-t7bh"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.88.0"}],"aliases":["CVE-2023-23916"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v13d-ffaa-hyd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40783?format=json","vulnerability_id":"VCID-w2fp-rb4q-kke3","summary":"curl: .netrc parser out-of-bounds access","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35260.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35260.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35260","reference_id":"","reference_type":"","scores":[{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50609","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35260"},{"reference_url":"https://curl.se/docs/CVE-2022-35260.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-35260.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1721098","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/"}],"url":"https://hackerone.com/reports/1721098"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/19","reference_id":"19","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/19"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/20","reference_id":"20","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135412","reference_id":"2135412","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135412"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213604","reference_id":"HT213604","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/"}],"url":"https://support.apple.com/kb/HT213604"},{"reference_url":"https://support.apple.com/kb/HT213605","reference_id":"HT213605","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/"}],"url":"https://support.apple.com/kb/HT213605"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230110-0006/","reference_id":"ntap-20230110-0006","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-27T19:48:27Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230110-0006/"},{"reference_url":"https://usn.ubuntu.com/5702-1/","reference_id":"USN-5702-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5702-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376439?format=json","purl":"pkg:generic/curl.se/curl@7.86.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-71rt-1h3a-jkcm"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-84u3-ynnu-7kct"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-frj4-zf2v-87g2"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-nmwe-9bw8-2ud1"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-v13d-ffaa-hyd9"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.86.0"}],"aliases":["CVE-2022-35260"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w2fp-rb4q-kke3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39122?format=json","vulnerability_id":"VCID-zgz2-mscv-sqhu","summary":"curl: GSS delegation too eager connection re-use","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27536","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01414","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27536"},{"reference_url":"https://curl.se/docs/CVE-2023-27536.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-27536.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27536"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1895135","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://hackerone.com/reports/1895135"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179092","reference_id":"2179092","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2179092"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/","reference_id":"36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27536","reference_id":"CVE-2023-27536","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27536"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230420-0010/","reference_id":"ntap-20230420-0010","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:39:19Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230420-0010/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4523","reference_id":"RHSA-2023:4523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6679","reference_id":"RHSA-2023:6679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://usn.ubuntu.com/5964-1/","reference_id":"USN-5964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-1/"},{"reference_url":"https://usn.ubuntu.com/5964-2/","reference_id":"USN-5964-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5964-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376443?format=json","purl":"pkg:generic/curl.se/curl@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-x47y-r42c-bkfk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.0.0"}],"aliases":["CVE-2023-27536"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgz2-mscv-sqhu"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41344?format=json","vulnerability_id":"VCID-z4n7-e83t-hucq","summary":"curl: Incorrect handling of control code characters in cookies","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35252","reference_id":"","reference_type":"","scores":[{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52523","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-35252"},{"reference_url":"https://curl.se/docs/CVE-2022-35252.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-35252.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35252"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1613943","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://hackerone.com/reports/1613943"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831","reference_id":"1018831","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018831"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/20","reference_id":"20","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/20"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/21","reference_id":"21","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/21"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120718","reference_id":"2120718","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120718"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213603","reference_id":"HT213603","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://support.apple.com/kb/HT213603"},{"reference_url":"https://support.apple.com/kb/HT213604","reference_id":"HT213604","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://support.apple.com/kb/HT213604"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220930-0005/","reference_id":"ntap-20220930-0005","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220930-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2478","reference_id":"RHSA-2023:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2963","reference_id":"RHSA-2023:2963","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0428","reference_id":"RHSA-2024:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0428"},{"reference_url":"https://usn.ubuntu.com/5587-1/","reference_id":"USN-5587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5587-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376438?format=json","purl":"pkg:generic/curl.se/curl@7.85.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14cb-wnj7-13e2"},{"vulnerability":"VCID-2bvs-a5w1-gfhe"},{"vulnerability":"VCID-32gj-mvnb-rudh"},{"vulnerability":"VCID-4563-62mm-57aq"},{"vulnerability":"VCID-4nqj-8xk6-a7ha"},{"vulnerability":"VCID-4pzm-87dd-xqbs"},{"vulnerability":"VCID-5hb5-9gh5-kyfs"},{"vulnerability":"VCID-5jsn-ubxh-fqe4"},{"vulnerability":"VCID-5stq-jajr-57hv"},{"vulnerability":"VCID-689c-z62z-ukc7"},{"vulnerability":"VCID-71rt-1h3a-jkcm"},{"vulnerability":"VCID-777y-dgxh-kba5"},{"vulnerability":"VCID-7wd8-zrdf-gkc6"},{"vulnerability":"VCID-84u3-ynnu-7kct"},{"vulnerability":"VCID-8f6k-xr87-uqfz"},{"vulnerability":"VCID-8k4c-jcmk-xkdc"},{"vulnerability":"VCID-97n5-5pa2-rqhz"},{"vulnerability":"VCID-9mnp-4p5a-ybcn"},{"vulnerability":"VCID-ab48-azj9-p3hq"},{"vulnerability":"VCID-adkw-dnqu-6ffy"},{"vulnerability":"VCID-c7r3-5s6m-5ua1"},{"vulnerability":"VCID-e1rm-18vc-rkc2"},{"vulnerability":"VCID-eh7z-2y2q-efbc"},{"vulnerability":"VCID-ehmp-5g2e-eqfk"},{"vulnerability":"VCID-frj4-zf2v-87g2"},{"vulnerability":"VCID-guzm-25ur-qkgz"},{"vulnerability":"VCID-k232-kks1-hygq"},{"vulnerability":"VCID-k93r-eqgb-fqgq"},{"vulnerability":"VCID-kmd7-ntaa-ffcv"},{"vulnerability":"VCID-ku14-1pmr-pbbd"},{"vulnerability":"VCID-nhst-thye-guh2"},{"vulnerability":"VCID-nmwe-9bw8-2ud1"},{"vulnerability":"VCID-ptdk-wtvg-zkaw"},{"vulnerability":"VCID-qax6-9qcb-6yah"},{"vulnerability":"VCID-qqyy-ejjy-zugp"},{"vulnerability":"VCID-qteb-88n4-5ka7"},{"vulnerability":"VCID-r1c8-6w99-kqgc"},{"vulnerability":"VCID-r4re-xx26-2kgm"},{"vulnerability":"VCID-sd8m-enmc-muhn"},{"vulnerability":"VCID-srgc-rxj3-6ydd"},{"vulnerability":"VCID-ss8u-8s2v-dkf4"},{"vulnerability":"VCID-tzhd-pvxj-gqfy"},{"vulnerability":"VCID-ujr4-yect-subh"},{"vulnerability":"VCID-v13d-ffaa-hyd9"},{"vulnerability":"VCID-w2fp-rb4q-kke3"},{"vulnerability":"VCID-zgz2-mscv-sqhu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0"}],"aliases":["CVE-2022-35252"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z4n7-e83t-hucq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@7.85.0"}