{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","type":"deb","namespace":"debian","name":"curl","version":"7.88.1-10+deb12u7","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"8.14.1-2+deb13u2~bpo13+1","latest_non_vulnerable_version":"8.20.0-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64301?format=json","vulnerability_id":"VCID-2cx5-1qnw-uufj","summary":"curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1965","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16949","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17194","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17246","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16802","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16891","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16923","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19232","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19144","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19134","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19092","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19246","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.18978","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19316","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19261","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19223","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1965"},{"reference_url":"https://curl.se/docs/CVE-2026-1965.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/"}],"url":"https://curl.se/docs/CVE-2026-1965.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1965"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446448","reference_id":"2446448","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446448"},{"reference_url":"https://curl.se/docs/CVE-2026-1965.json","reference_id":"CVE-2026-1965.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:31:56Z/"}],"url":"https://curl.se/docs/CVE-2026-1965.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583294?format=json","purl":"pkg:deb/debian/curl@8.18.0-1~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"}],"aliases":["CVE-2026-1965"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cx5-1qnw-uufj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77132?format=json","vulnerability_id":"VCID-2szj-xvgq-pkfr","summary":"curl: QUIC certificate check bypass with wolfSSL","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2379.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2379.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2379","reference_id":"","reference_type":"","scores":[{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42361","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42672","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42699","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42641","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42704","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42726","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42691","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42674","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42735","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42724","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.4266","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42584","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42501","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2379"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2379"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/18","reference_id":"18","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/18"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/19","reference_id":"19","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/19"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/27/2","reference_id":"2","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/27/2"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/20","reference_id":"20","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270499","reference_id":"2270499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270499"},{"reference_url":"https://hackerone.com/reports/2410774","reference_id":"2410774","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"https://hackerone.com/reports/2410774"},{"reference_url":"https://curl.se/docs/CVE-2024-2379.html","reference_id":"CVE-2024-2379.html","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"https://curl.se/docs/CVE-2024-2379.html"},{"reference_url":"https://curl.se/docs/CVE-2024-2379.json","reference_id":"CVE-2024-2379.json","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"https://curl.se/docs/CVE-2024-2379.json"},{"reference_url":"https://support.apple.com/kb/HT214118","reference_id":"HT214118","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"https://support.apple.com/kb/HT214118"},{"reference_url":"https://support.apple.com/kb/HT214119","reference_id":"HT214119","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"https://support.apple.com/kb/HT214119"},{"reference_url":"https://support.apple.com/kb/HT214120","reference_id":"HT214120","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"https://support.apple.com/kb/HT214120"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240531-0001/","reference_id":"ntap-20240531-0001","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T17:42:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240531-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2693","reference_id":"RHSA-2024:2693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2694","reference_id":"RHSA-2024:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"}],"aliases":["CVE-2024-2379"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2szj-xvgq-pkfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354616?format=json","vulnerability_id":"VCID-3qck-hm3c-tqaq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4873.json"},{"reference_url":"https://curl.se/docs/CVE-2026-4873.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-4873.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4873"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3621851","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3621851"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461200","reference_id":"2461200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1089027?format=json","purl":"pkg:deb/debian/curl@8.20.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-1"}],"aliases":["CVE-2026-4873"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3qck-hm3c-tqaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57260?format=json","vulnerability_id":"VCID-4e1k-7bj9-hfch","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23914.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23914.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23914","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28514","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31955","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32048","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31527","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31611","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31738","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31906","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31934","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31922","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31911","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31992","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31995","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23914"},{"reference_url":"https://curl.se/docs/CVE-2023-23914.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-23914.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23914"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1813864","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/"}],"url":"https://hackerone.com/reports/1813864"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371","reference_id":"1031371","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167797","reference_id":"2167797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167797"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230309-0006/","reference_id":"ntap-20230309-0006","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-03-12T18:51:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230309-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://usn.ubuntu.com/5891-1/","reference_id":"USN-5891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2023-23914"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4e1k-7bj9-hfch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57261?format=json","vulnerability_id":"VCID-4gze-cwtp-2bgr","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23915.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23915.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23915","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11394","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13846","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13978","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13737","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13821","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13848","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13823","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13749","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13754","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14033","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13836","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1392","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13973","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1393","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13894","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23915"},{"reference_url":"https://curl.se/docs/CVE-2023-23915.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-23915.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23915"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1814333","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1814333"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371","reference_id":"1031371","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167813","reference_id":"2167813","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2167813"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:46:29Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230309-0006/","reference_id":"ntap-20230309-0006","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T18:46:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230309-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://usn.ubuntu.com/5891-1/","reference_id":"USN-5891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2023-23915"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gze-cwtp-2bgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47209?format=json","vulnerability_id":"VCID-4seq-hvbx-7fg8","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could lead to information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46219.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46219.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46219","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42066","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42478","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4244","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4241","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42459","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42434","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42362","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42298","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42295","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42211","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44703","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44723","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.4466","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44713","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44716","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46219"},{"reference_url":"https://curl.se/docs/CVE-2023-46219.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://curl.se/docs/CVE-2023-46219.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46219","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46219"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2236133","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://hackerone.com/reports/2236133"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057645","reference_id":"1057645","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057645"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252034","reference_id":"2252034","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2252034"},{"reference_url":"https://www.debian.org/security/2023/dsa-5587","reference_id":"dsa-5587","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://www.debian.org/security/2023/dsa-5587"},{"reference_url":"https://security.gentoo.org/glsa/202409-20","reference_id":"GLSA-202409-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-20"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240119-0007/","reference_id":"ntap-20240119-0007","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240119-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1316","reference_id":"RHSA-2024:1316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1317","reference_id":"RHSA-2024:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1317"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/","reference_id":"UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:01:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/"},{"reference_url":"https://usn.ubuntu.com/6535-1/","reference_id":"USN-6535-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6535-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2023-46219"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4seq-hvbx-7fg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49259?format=json","vulnerability_id":"VCID-56wg-yafz-gkgx","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22922.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22922.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22922","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34891","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34517","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35088","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35115","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34995","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35039","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35067","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35036","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35012","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3505","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35035","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34988","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34757","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34738","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34648","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22922"},{"reference_url":"https://curl.se/docs/CVE-2021-22922.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22922.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1213175","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://hackerone.com/reports/1213175"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981435","reference_id":"1981435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981435"},{"reference_url":"https://security.archlinux.org/ASA-202107-59","reference_id":"ASA-202107-59","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-59"},{"reference_url":"https://security.archlinux.org/AVG-2194","reference_id":"AVG-2194","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2194"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/","reference_id":"FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210902-0003/","reference_id":"ntap-20210902-0003","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210902-0003/"},{"reference_url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E","reference_id":"r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E","reference_id":"r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E","reference_id":"rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E","reference_id":"rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T14:09:24Z/"}],"url":"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3582","reference_id":"RHSA-2021:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3903","reference_id":"RHSA-2021:3903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3903"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2021-22922"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-56wg-yafz-gkgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71914?format=json","vulnerability_id":"VCID-6we4-n888-6qhe","summary":"libcurl: Buffer Overflow in libcurl via zlib Integer Overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0725","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63292","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63322","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63306","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.6327","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63314","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63869","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63788","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63867","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63815","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63772","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63823","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.6384","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.63856","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-0725"},{"reference_url":"https://curl.se/docs/CVE-2025-0725.html","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://curl.se/docs/CVE-2025-0725.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0725"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/2956023","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://hackerone.com/reports/2956023"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343899","reference_id":"2343899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2343899"},{"reference_url":"https://curl.se/docs/CVE-2025-0725.json","reference_id":"CVE-2025-0725.json","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:33:50Z/"}],"url":"https://curl.se/docs/CVE-2025-0725.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"}],"aliases":["CVE-2025-0725"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6we4-n888-6qhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64299?format=json","vulnerability_id":"VCID-8zks-th64-33b8","summary":"curl: curl: Unauthorized access due to improper HTTP proxy connection reuse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3784","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03056","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03037","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03051","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03053","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03081","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03044","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03683","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03792","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03671","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03659","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03709","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06154","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06133","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06096","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06126","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3784"},{"reference_url":"https://curl.se/docs/CVE-2026-3784.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://curl.se/docs/CVE-2026-3784.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3584903","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://hackerone.com/reports/3584903"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446449","reference_id":"2446449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446449"},{"reference_url":"https://curl.se/docs/CVE-2026-3784.json","reference_id":"CVE-2026-3784.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:48:38Z/"}],"url":"https://curl.se/docs/CVE-2026-3784.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583294?format=json","purl":"pkg:deb/debian/curl@8.18.0-1~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"}],"aliases":["CVE-2026-3784"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zks-th64-33b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354617?format=json","vulnerability_id":"VCID-bgdk-ebn7-eycn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5545.json"},{"reference_url":"https://curl.se/docs/CVE-2026-5545.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-5545.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5545"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3642555","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3642555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461204","reference_id":"2461204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1089027?format=json","purl":"pkg:deb/debian/curl@8.20.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-1"}],"aliases":["CVE-2026-5545"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgdk-ebn7-eycn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57267?format=json","vulnerability_id":"VCID-ddgz-rczw-jqfw","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28320.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28320","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67593","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67504","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67581","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67546","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67579","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67592","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.6757","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67526","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67556","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70659","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70622","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70673","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00641","scoring_system":"epss","scoring_elements":"0.70682","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28320"},{"reference_url":"https://curl.se/docs/CVE-2023-28320.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2023-28320.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28320"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1929597","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://hackerone.com/reports/1929597"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239","reference_id":"1036239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036239"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196783","reference_id":"2196783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196783"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/47","reference_id":"47","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/47"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/48","reference_id":"48","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/48"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/52","reference_id":"52","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/52"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://support.apple.com/kb/HT213843","reference_id":"HT213843","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213843"},{"reference_url":"https://support.apple.com/kb/HT213844","reference_id":"HT213844","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213844"},{"reference_url":"https://support.apple.com/kb/HT213845","reference_id":"HT213845","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://support.apple.com/kb/HT213845"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0009/","reference_id":"ntap-20230609-0009","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:57:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0009/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2023-28320"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ddgz-rczw-jqfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64300?format=json","vulnerability_id":"VCID-etzn-uhck-h7b2","summary":"curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3783","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03521","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03496","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03509","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0352","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03544","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.035","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04277","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04152","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04144","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0645","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06431","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06397","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06421","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3783"},{"reference_url":"https://curl.se/docs/CVE-2026-3783.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://curl.se/docs/CVE-2026-3783.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3583983","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://hackerone.com/reports/3583983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446450","reference_id":"2446450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2446450"},{"reference_url":"https://curl.se/docs/CVE-2026-3783.json","reference_id":"CVE-2026-3783.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-11T14:25:28Z/"}],"url":"https://curl.se/docs/CVE-2026-3783.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8084-1/","reference_id":"USN-8084-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8084-1/"},{"reference_url":"https://usn.ubuntu.com/8099-1/","reference_id":"USN-8099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8099-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583294?format=json","purl":"pkg:deb/debian/curl@8.18.0-1~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"}],"aliases":["CVE-2026-3783"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-etzn-uhck-h7b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354618?format=json","vulnerability_id":"VCID-g4jw-azg9-gqbs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5773.json"},{"reference_url":"https://curl.se/docs/CVE-2026-5773.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-5773.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5773"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3650689","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3650689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461201","reference_id":"2461201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1089027?format=json","purl":"pkg:deb/debian/curl@8.20.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-1"}],"aliases":["CVE-2026-5773"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g4jw-azg9-gqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354620?format=json","vulnerability_id":"VCID-hayq-ra35-myf3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6276.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6276.json"},{"reference_url":"https://curl.se/docs/CVE-2026-6276.html","reference_id":"","reference_type":"","scores":[{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-6276.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6276"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3671818","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3671818"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461203","reference_id":"2461203","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1089027?format=json","purl":"pkg:deb/debian/curl@8.20.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-1"}],"aliases":["CVE-2026-6276"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hayq-ra35-myf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73974?format=json","vulnerability_id":"VCID-hrsy-694u-2fec","summary":"curl: OCSP stapling bypass with GnuTLS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8096","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66643","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66638","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66593","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66629","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66644","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6663","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66655","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66669","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66562","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66587","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66559","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66606","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6662","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-8096"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8096"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310519","reference_id":"2310519","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2310519"},{"reference_url":"https://hackerone.com/reports/2669852","reference_id":"2669852","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://hackerone.com/reports/2669852"},{"reference_url":"https://curl.se/docs/CVE-2024-8096.html","reference_id":"CVE-2024-8096.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://curl.se/docs/CVE-2024-8096.html"},{"reference_url":"https://curl.se/docs/CVE-2024-8096.json","reference_id":"CVE-2024-8096.json","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:42:47Z/"}],"url":"https://curl.se/docs/CVE-2024-8096.json"},{"reference_url":"https://usn.ubuntu.com/7012-1/","reference_id":"USN-7012-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7012-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2024-8096"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hrsy-694u-2fec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65185?format=json","vulnerability_id":"VCID-mkyr-w79c-qqfz","summary":"curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14017","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00631","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00583","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00579","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00584","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00624","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00621","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00623","published_at":"2026-04-26T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.006","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00593","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00595","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00587","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00586","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00582","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14017"},{"reference_url":"https://curl.se/docs/CVE-2025-14017.html","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/"}],"url":"https://curl.se/docs/CVE-2025-14017.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14017"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427870","reference_id":"2427870","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427870"},{"reference_url":"https://curl.se/docs/CVE-2025-14017.json","reference_id":"CVE-2025-14017.json","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-16T15:39:09Z/"}],"url":"https://curl.se/docs/CVE-2025-14017.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"},{"reference_url":"https://usn.ubuntu.com/8062-2/","reference_id":"USN-8062-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583294?format=json","purl":"pkg:deb/debian/curl@8.18.0-1~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"}],"aliases":["CVE-2025-14017"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyr-w79c-qqfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96494?format=json","vulnerability_id":"VCID-nvzd-v3bs-6qek","summary":"When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15079.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15079.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15079","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10292","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10205","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10388","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10366","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10237","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10208","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1034","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1032","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10312","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10257","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1026","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10333","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10399","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10428","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15079"},{"reference_url":"https://curl.se/docs/CVE-2025-15079.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/"}],"url":"https://curl.se/docs/CVE-2025-15079.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15079"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3477116","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/"}],"url":"https://hackerone.com/reports/3477116"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426409","reference_id":"2426409","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426409"},{"reference_url":"https://curl.se/docs/CVE-2025-15079.json","reference_id":"CVE-2025-15079.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:45:34Z/"}],"url":"https://curl.se/docs/CVE-2025-15079.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"},{"reference_url":"https://usn.ubuntu.com/8062-2/","reference_id":"USN-8062-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583294?format=json","purl":"pkg:deb/debian/curl@8.18.0-1~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"}],"aliases":["CVE-2025-15079"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nvzd-v3bs-6qek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72951?format=json","vulnerability_id":"VCID-pwn6-j8vf-rufk","summary":"curl: HSTS subdomain overwrites parent cache entry","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9681.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9681.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9681","reference_id":"","reference_type":"","scores":[{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72644","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72572","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72562","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72605","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72615","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72606","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72648","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72657","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72654","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72522","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72539","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72515","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72554","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.72566","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00725","scoring_system":"epss","scoring_elements":"0.7259","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9681"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086804","reference_id":"1086804","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322969","reference_id":"2322969","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2322969"},{"reference_url":"https://hackerone.com/reports/2764830","reference_id":"2764830","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/"}],"url":"https://hackerone.com/reports/2764830"},{"reference_url":"https://curl.se/docs/CVE-2024-9681.html","reference_id":"CVE-2024-9681.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/"}],"url":"https://curl.se/docs/CVE-2024-9681.html"},{"reference_url":"https://curl.se/docs/CVE-2024-9681.json","reference_id":"CVE-2024-9681.json","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:16:59Z/"}],"url":"https://curl.se/docs/CVE-2024-9681.json"},{"reference_url":"https://usn.ubuntu.com/7104-1/","reference_id":"USN-7104-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7104-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2024-9681"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pwn6-j8vf-rufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49260?format=json","vulnerability_id":"VCID-qbpd-star-6fgn","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22923.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-22923.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22923","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20522","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25879","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25838","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25782","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25784","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25766","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25738","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25683","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25674","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25626","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25937","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25978","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25816","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25868","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-22923"},{"reference_url":"https://curl.se/docs/CVE-2021-22923.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2021-22923.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1213181","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/"}],"url":"https://hackerone.com/reports/1213181"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981438","reference_id":"1981438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1981438"},{"reference_url":"https://security.archlinux.org/ASA-202107-59","reference_id":"ASA-202107-59","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-59"},{"reference_url":"https://security.archlinux.org/AVG-2194","reference_id":"AVG-2194","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2194"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/","reference_id":"FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210902-0003/","reference_id":"ntap-20210902-0003","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:25:07Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210902-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3582","reference_id":"RHSA-2021:3582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3903","reference_id":"RHSA-2021:3903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3903"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2021-22923"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbpd-star-6fgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66608?format=json","vulnerability_id":"VCID-qpux-jh6k-8qhx","summary":"curl: Curl missing SFTP host verification with wolfSSH backend","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10966.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10966","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04624","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05288","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05467","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05252","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05309","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.0526","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05246","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05191","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07083","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07019","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07098","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07151","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07117","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07123","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10966"},{"reference_url":"https://curl.se/docs/CVE-2025-10966.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/"}],"url":"https://curl.se/docs/CVE-2025-10966.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10966"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3355218","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/"}],"url":"https://hackerone.com/reports/3355218"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413308","reference_id":"2413308","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413308"},{"reference_url":"https://curl.se/docs/CVE-2025-10966.json","reference_id":"CVE-2025-10966.json","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:26:03Z/"}],"url":"https://curl.se/docs/CVE-2025-10966.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583294?format=json","purl":"pkg:deb/debian/curl@8.18.0-1~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"}],"aliases":["CVE-2025-10966"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpux-jh6k-8qhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354619?format=json","vulnerability_id":"VCID-rsgn-r3yp-nkb6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6253.json"},{"reference_url":"https://curl.se/docs/CVE-2026-6253.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-6253.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6253"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3669637","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3669637"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461202","reference_id":"2461202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1089027?format=json","purl":"pkg:deb/debian/curl@8.20.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-1"}],"aliases":["CVE-2026-6253"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rsgn-r3yp-nkb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355415?format=json","vulnerability_id":"VCID-sshs-1k6e-cqer","summary":"","references":[{"reference_url":"https://curl.se/docs/CVE-2026-7168.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-7168.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7168","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7168"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3697719","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3697719"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1089027?format=json","purl":"pkg:deb/debian/curl@8.20.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-1"}],"aliases":["CVE-2026-7168"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sshs-1k6e-cqer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96495?format=json","vulnerability_id":"VCID-vbbv-k1r7-kkas","summary":"When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15224.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15224.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15224","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24629","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24215","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24526","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2447","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24485","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24479","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24454","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24395","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2438","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24338","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24667","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24442","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2451","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24554","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2457","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15224"},{"reference_url":"https://curl.se/docs/CVE-2025-15224.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/"}],"url":"https://curl.se/docs/CVE-2025-15224.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15224"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3480925","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/"}],"url":"https://hackerone.com/reports/3480925"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426410","reference_id":"2426410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426410"},{"reference_url":"https://curl.se/docs/CVE-2025-15224.json","reference_id":"CVE-2025-15224.json","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:38:20Z/"}],"url":"https://curl.se/docs/CVE-2025-15224.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"},{"reference_url":"https://usn.ubuntu.com/8062-2/","reference_id":"USN-8062-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583294?format=json","purl":"pkg:deb/debian/curl@8.18.0-1~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"}],"aliases":["CVE-2025-15224"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbbv-k1r7-kkas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96485?format=json","vulnerability_id":"VCID-x57x-w8g8-7ybz","summary":"When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14524","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07218","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07234","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07222","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07212","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0715","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07127","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07251","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07226","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07177","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07151","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07206","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14524"},{"reference_url":"https://curl.se/docs/CVE-2025-14524.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Low","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://curl.se/docs/CVE-2025-14524.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14524"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3459417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://hackerone.com/reports/3459417"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426407","reference_id":"2426407","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2426407"},{"reference_url":"https://curl.se/docs/CVE-2025-14524.json","reference_id":"CVE-2025-14524.json","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T19:24:54Z/"}],"url":"https://curl.se/docs/CVE-2025-14524.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6893","reference_id":"RHSA-2026:6893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6893"},{"reference_url":"https://usn.ubuntu.com/8062-1/","reference_id":"USN-8062-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8062-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583294?format=json","purl":"pkg:deb/debian/curl@8.18.0-1~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-1~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"}],"aliases":["CVE-2025-14524"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x57x-w8g8-7ybz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57258?format=json","vulnerability_id":"VCID-xpss-yndr-mycj","summary":"Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43551.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43551.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43551","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12773","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12972","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12852","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12902","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12831","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12786","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1269","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12697","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12798","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12819","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15055","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15114","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14926","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43551"},{"reference_url":"https://curl.se/docs/CVE-2022-43551.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2022-43551.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43551"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1755083","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/"}],"url":"https://hackerone.com/reports/1755083"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026829","reference_id":"1026829","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026829"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2152639","reference_id":"2152639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2152639"},{"reference_url":"https://security.gentoo.org/glsa/202310-12","reference_id":"GLSA-202310-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/"}],"url":"https://security.gentoo.org/glsa/202310-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0007/","reference_id":"ntap-20230427-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/","reference_id":"TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:38:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVWZW5CNSJ7UYAF2BGSYAWAEXDJYUBHA/"},{"reference_url":"https://usn.ubuntu.com/5788-1/","reference_id":"USN-5788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2022-43551"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpss-yndr-mycj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49282?format=json","vulnerability_id":"VCID-yaas-j3qk-kfdg","summary":"Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42916.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42916","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14481","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14637","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14669","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14667","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14603","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25934","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25958","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26017","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26002","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25945","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25964","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31155","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.31202","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42916"},{"reference_url":"https://curl.se/docs/CVE-2022-42916.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://curl.se/docs/CVE-2022-42916.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42916"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/1730660","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/1730660"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/12/21/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/12/21/1"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/19","reference_id":"19","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/19"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jan/20","reference_id":"20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jan/20"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135416","reference_id":"2135416","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2135416"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/","reference_id":"37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2/"},{"reference_url":"https://security.gentoo.org/glsa/202212-01","reference_id":"GLSA-202212-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://security.gentoo.org/glsa/202212-01"},{"reference_url":"https://support.apple.com/kb/HT213604","reference_id":"HT213604","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://support.apple.com/kb/HT213604"},{"reference_url":"https://support.apple.com/kb/HT213605","reference_id":"HT213605","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://support.apple.com/kb/HT213605"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/","reference_id":"HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221209-0010/","reference_id":"ntap-20221209-0010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221209-0010/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/","reference_id":"Q27V5YYMXUVI6PRZQVECON32XPVWTKDK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:06:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5702-1/","reference_id":"USN-5702-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5702-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}],"aliases":["CVE-2022-42916"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yaas-j3qk-kfdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354621?format=json","vulnerability_id":"VCID-ydcp-ufa5-rqhd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6429.json"},{"reference_url":"https://curl.se/docs/CVE-2026-6429.html","reference_id":"","reference_type":"","scores":[{"value":"Medium","scoring_system":"cvssv3.1","scoring_elements":""}],"url":"https://curl.se/docs/CVE-2026-6429.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6429","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6429"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://hackerone.com/reports/3677759","reference_id":"","reference_type":"","scores":[],"url":"https://hackerone.com/reports/3677759"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461205","reference_id":"2461205","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2461205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12916","reference_id":"RHSA-2026:12916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12916"},{"reference_url":"https://usn.ubuntu.com/8227-1/","reference_id":"USN-8227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582290?format=json","purl":"pkg:deb/debian/curl@7.88.1-10%2Bdeb12u7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/582758?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u2~bpo13%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089397?format=json","purl":"pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1026189?format=json","purl":"pkg:deb/debian/curl@8.18.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.18.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1089027?format=json","purl":"pkg:deb/debian/curl@8.20.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-1"}],"aliases":["CVE-2026-6429"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ydcp-ufa5-rqhd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u7"}