Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/curl@8.11.1-r0?arch=riscv64&distroversion=v3.21&reponame=main
Typeapk
Namespacealpine
Namecurl
Version8.11.1-r0
Qualifiers
arch riscv64
distroversion v3.21
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version8.12.0-r0
Latest_non_vulnerable_version8.14.1-r2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-u1p8-s8vm-3yer
vulnerability_id VCID-u1p8-s8vm-3yer
summary When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11053.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11053.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11053
reference_id
reference_type
scores
0
value 0.01399
scoring_system epss
scoring_elements 0.80791
published_at 2026-06-09T12:55:00Z
1
value 0.01399
scoring_system epss
scoring_elements 0.80776
published_at 2026-06-05T12:55:00Z
2
value 0.01399
scoring_system epss
scoring_elements 0.80778
published_at 2026-06-06T12:55:00Z
3
value 0.01399
scoring_system epss
scoring_elements 0.80775
published_at 2026-06-07T12:55:00Z
4
value 0.01399
scoring_system epss
scoring_elements 0.80771
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11053
2
reference_url https://curl.se/docs/CVE-2024-11053.html
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Low
scoring_system cvssv3.1
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/
url https://curl.se/docs/CVE-2024-11053.html
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://hackerone.com/reports/2829063
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/
url https://hackerone.com/reports/2829063
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089682
reference_id 1089682
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089682
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2331191
reference_id 2331191
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2331191
7
reference_url https://curl.se/docs/CVE-2024-11053.json
reference_id CVE-2024-11053.json
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-15T16:47:42Z/
url https://curl.se/docs/CVE-2024-11053.json
8
reference_url https://access.redhat.com/errata/RHSA-2025:1671
reference_id RHSA-2025:1671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1671
9
reference_url https://access.redhat.com/errata/RHSA-2025:1673
reference_id RHSA-2025:1673
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1673
10
reference_url https://usn.ubuntu.com/7162-1/
reference_id USN-7162-1
reference_type
scores
url https://usn.ubuntu.com/7162-1/
fixed_packages
0
url pkg:apk/alpine/curl@8.11.1-r0?arch=riscv64&distroversion=v3.21&reponame=main
purl pkg:apk/alpine/curl@8.11.1-r0?arch=riscv64&distroversion=v3.21&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.11.1-r0%3Farch=riscv64&distroversion=v3.21&reponame=main
aliases CVE-2024-11053
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u1p8-s8vm-3yer
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.11.1-r0%3Farch=riscv64&distroversion=v3.21&reponame=main