Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-85ne-e7gm-5ua9

Summary libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes `free()` on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort. Some however accept the input pointer and add that memory to its list of available chunks. This leads to the overwriting of nearby stack memory. The content of the overwrite is decided by the `free()` implementation; likely to be memory pointers and a set of flags. The most likely outcome of exploting this flaw is a crash, although it cannot be ruled out that more serious results can be had in special circumstances.

Aliases

alias	CVE-2024-6197

Fixed_packages

url	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=aarch64&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armhf&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=aarch64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armhf&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armv7&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=loongarch64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=loongarch64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=loongarch64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=ppc64le&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=riscv64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=riscv64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=riscv64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=s390x&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.21&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.21&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86_64&distroversion=v3.21&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=aarch64&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armhf&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armv7&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=ppc64le&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=s390x&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86_64&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=aarch64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armhf&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armv7&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=loongarch64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=loongarch64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=loongarch64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=ppc64le&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=riscv64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=riscv64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=riscv64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=s390x&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.23&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.23&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86_64&distroversion=v3.23&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armv7&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=ppc64le&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=s390x&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.19&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.19&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=aarch64&distroversion=v3.19&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.19&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.19&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armhf&distroversion=v3.19&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.19&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.19&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armv7&distroversion=v3.19&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.19&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.19&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=ppc64le&distroversion=v3.19&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.19&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.19&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=s390x&distroversion=v3.19&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.19&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.19&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86&distroversion=v3.19&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.19&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.19&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86_64&distroversion=v3.19&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=aarch64&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armhf&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armv7&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=loongarch64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=loongarch64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=loongarch64&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=ppc64le&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=riscv64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=riscv64&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=s390x&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=edge&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=edge&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86_64&distroversion=edge&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=aarch64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armhf&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armhf&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=armv7&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=armv7&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=ppc64le&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=riscv64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=riscv64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=riscv64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=s390x&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/curl@8.9.0-r0?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/curl@8.9.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=main

url	pkg:deb/debian/curl@0?distro=trixie
purl	pkg:deb/debian/curl@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@0%3Fdistro=trixie

url pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie

purl pkg:deb/debian/curl@7.74.0-1.3%2Bdeb11u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-18p4-rvxz-pkeu

vulnerability	VCID-1dw3-33ju-jkbs

vulnerability	VCID-1m1w-rayk-sffe

vulnerability	VCID-21ff-tazv-9ud3

vulnerability	VCID-287k-bzqy-n7ag

vulnerability	VCID-39qh-jayw-g3dh

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-6ggz-pa5t-77c4

vulnerability	VCID-7wqd-99h2-e7hk

vulnerability	VCID-85qb-zec7-subc

vulnerability	VCID-a8z6-bswu-jue8

vulnerability	VCID-bcuq-n4vb-k7f3

vulnerability	VCID-f9nm-d5ax-qkcb

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-g7ux-4vz2-ckfg

vulnerability	VCID-h4nw-va5b-23ef

vulnerability	VCID-hhms-2hg6-nke9

vulnerability	VCID-ns58-vmsz-5ued

vulnerability	VCID-nwvb-d466-4uaa

vulnerability	VCID-p155-gbtu-abg1

vulnerability	VCID-secz-78pt-dben

vulnerability	VCID-ucyf-faft-33bv

vulnerability	VCID-v82t-s9e1-2fbw

vulnerability	VCID-w8ff-vxga-8qcz

vulnerability	VCID-wgur-psum-pbck

vulnerability	VCID-y44u-23he-aya8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.74.0-1.3%252Bdeb11u13%3Fdistro=trixie

url pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie

purl pkg:deb/debian/curl@7.88.1-10%2Bdeb12u14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1dw3-33ju-jkbs

vulnerability	VCID-21ff-tazv-9ud3

vulnerability	VCID-39qh-jayw-g3dh

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-7wqd-99h2-e7hk

vulnerability	VCID-bcuq-n4vb-k7f3

vulnerability	VCID-ezve-gc2h-qyga

vulnerability	VCID-f9nm-d5ax-qkcb

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-g7ux-4vz2-ckfg

vulnerability	VCID-gux4-dncg-h7a6

vulnerability	VCID-hhms-2hg6-nke9

vulnerability	VCID-p155-gbtu-abg1

vulnerability	VCID-secz-78pt-dben

vulnerability	VCID-ucyf-faft-33bv

vulnerability	VCID-v82t-s9e1-2fbw

vulnerability	VCID-w8ff-vxga-8qcz

vulnerability	VCID-wgur-psum-pbck

vulnerability	VCID-y44u-23he-aya8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@7.88.1-10%252Bdeb12u14%3Fdistro=trixie

url	pkg:deb/debian/curl@8.9.0-1?distro=trixie
purl	pkg:deb/debian/curl@8.9.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.9.0-1%3Fdistro=trixie

url pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie

purl pkg:deb/debian/curl@8.14.1-2%2Bdeb13u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21ff-tazv-9ud3

vulnerability	VCID-39qh-jayw-g3dh

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-7wqd-99h2-e7hk

vulnerability	VCID-bcuq-n4vb-k7f3

vulnerability	VCID-f9nm-d5ax-qkcb

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-fxgf-t3ue-6qhf

vulnerability	VCID-g7ux-4vz2-ckfg

vulnerability	VCID-gux4-dncg-h7a6

vulnerability	VCID-hhms-2hg6-nke9

vulnerability	VCID-p155-gbtu-abg1

vulnerability	VCID-secz-78pt-dben

vulnerability	VCID-v82t-s9e1-2fbw

vulnerability	VCID-w8ff-vxga-8qcz

vulnerability	VCID-wgur-psum-pbck

vulnerability	VCID-y44u-23he-aya8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.14.1-2%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/curl@8.20.0-2?distro=trixie
purl	pkg:deb/debian/curl@8.20.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-2%3Fdistro=trixie

url	pkg:deb/debian/curl@8.20.0-5?distro=trixie
purl	pkg:deb/debian/curl@8.20.0-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/curl@8.20.0-5%3Fdistro=trixie

url pkg:generic/curl.se/curl@8.9.0

purl pkg:generic/curl.se/curl@8.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1dw3-33ju-jkbs

vulnerability	VCID-21ff-tazv-9ud3

vulnerability	VCID-39qh-jayw-g3dh

vulnerability	VCID-3p2z-61gq-muhs

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-6ggz-pa5t-77c4

vulnerability	VCID-7wqd-99h2-e7hk

vulnerability	VCID-bcuq-n4vb-k7f3

vulnerability	VCID-bp56-gy66-mqae

vulnerability	VCID-f9nm-d5ax-qkcb

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-g7ux-4vz2-ckfg

vulnerability	VCID-gux4-dncg-h7a6

vulnerability	VCID-hhms-2hg6-nke9

vulnerability	VCID-kq38-7s5x-nqaz

vulnerability	VCID-ns6z-wp2x-fkdq

vulnerability	VCID-p155-gbtu-abg1

vulnerability	VCID-secz-78pt-dben

vulnerability	VCID-t45k-skv6-cfg2

vulnerability	VCID-u1p8-s8vm-3yer

vulnerability	VCID-v82t-s9e1-2fbw

vulnerability	VCID-w8ff-vxga-8qcz

vulnerability	VCID-wgur-psum-pbck

vulnerability	VCID-y41p-tgpa-m7cs

vulnerability	VCID-y44u-23he-aya8

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.9.0

Affected_packages

url pkg:generic/curl.se/curl@8.6.0

purl pkg:generic/curl.se/curl@8.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1dw3-33ju-jkbs

vulnerability	VCID-21ff-tazv-9ud3

vulnerability	VCID-39qh-jayw-g3dh

vulnerability	VCID-3p2z-61gq-muhs

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-6ggz-pa5t-77c4

vulnerability	VCID-7wqd-99h2-e7hk

vulnerability	VCID-85ne-e7gm-5ua9

vulnerability	VCID-bcuq-n4vb-k7f3

vulnerability	VCID-bp56-gy66-mqae

vulnerability	VCID-f9nm-d5ax-qkcb

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-ffmg-djmk-57hn

vulnerability	VCID-g7ux-4vz2-ckfg

vulnerability	VCID-gux4-dncg-h7a6

vulnerability	VCID-hhms-2hg6-nke9

vulnerability	VCID-jnq1-hk6d-b3a3

vulnerability	VCID-ke97-b9rb-5bfd

vulnerability	VCID-kq38-7s5x-nqaz

vulnerability	VCID-p155-gbtu-abg1

vulnerability	VCID-secz-78pt-dben

vulnerability	VCID-u1p8-s8vm-3yer

vulnerability	VCID-ucyf-faft-33bv

vulnerability	VCID-v82t-s9e1-2fbw

vulnerability	VCID-w8ff-vxga-8qcz

vulnerability	VCID-wgur-psum-pbck

vulnerability	VCID-y41p-tgpa-m7cs

vulnerability	VCID-y44u-23he-aya8

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.6.0

url pkg:generic/curl.se/curl@8.7.0

purl pkg:generic/curl.se/curl@8.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1dw3-33ju-jkbs

vulnerability	VCID-21ff-tazv-9ud3

vulnerability	VCID-39qh-jayw-g3dh

vulnerability	VCID-3p2z-61gq-muhs

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-6ggz-pa5t-77c4

vulnerability	VCID-7wqd-99h2-e7hk

vulnerability	VCID-85ne-e7gm-5ua9

vulnerability	VCID-bcuq-n4vb-k7f3

vulnerability	VCID-bp56-gy66-mqae

vulnerability	VCID-f9nm-d5ax-qkcb

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-g7ux-4vz2-ckfg

vulnerability	VCID-gux4-dncg-h7a6

vulnerability	VCID-hhms-2hg6-nke9

vulnerability	VCID-kq38-7s5x-nqaz

vulnerability	VCID-p155-gbtu-abg1

vulnerability	VCID-secz-78pt-dben

vulnerability	VCID-u1p8-s8vm-3yer

vulnerability	VCID-v82t-s9e1-2fbw

vulnerability	VCID-w8ff-vxga-8qcz

vulnerability	VCID-wgur-psum-pbck

vulnerability	VCID-y41p-tgpa-m7cs

vulnerability	VCID-y44u-23he-aya8

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.7.0

url pkg:generic/curl.se/curl@8.7.1

purl pkg:generic/curl.se/curl@8.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1dw3-33ju-jkbs

vulnerability	VCID-21ff-tazv-9ud3

vulnerability	VCID-39qh-jayw-g3dh

vulnerability	VCID-3p2z-61gq-muhs

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-6ggz-pa5t-77c4

vulnerability	VCID-7wqd-99h2-e7hk

vulnerability	VCID-85ne-e7gm-5ua9

vulnerability	VCID-bcuq-n4vb-k7f3

vulnerability	VCID-bp56-gy66-mqae

vulnerability	VCID-f9nm-d5ax-qkcb

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-g7ux-4vz2-ckfg

vulnerability	VCID-gux4-dncg-h7a6

vulnerability	VCID-hhms-2hg6-nke9

vulnerability	VCID-kq38-7s5x-nqaz

vulnerability	VCID-p155-gbtu-abg1

vulnerability	VCID-secz-78pt-dben

vulnerability	VCID-u1p8-s8vm-3yer

vulnerability	VCID-v82t-s9e1-2fbw

vulnerability	VCID-w8ff-vxga-8qcz

vulnerability	VCID-wgur-psum-pbck

vulnerability	VCID-y41p-tgpa-m7cs

vulnerability	VCID-y44u-23he-aya8

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.7.1

url pkg:generic/curl.se/curl@8.8.0

purl pkg:generic/curl.se/curl@8.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1dw3-33ju-jkbs

vulnerability	VCID-21ff-tazv-9ud3

vulnerability	VCID-39qh-jayw-g3dh

vulnerability	VCID-3p2z-61gq-muhs

vulnerability	VCID-5un8-xymy-37bt

vulnerability	VCID-6ggz-pa5t-77c4

vulnerability	VCID-7wqd-99h2-e7hk

vulnerability	VCID-85ne-e7gm-5ua9

vulnerability	VCID-bcuq-n4vb-k7f3

vulnerability	VCID-bp56-gy66-mqae

vulnerability	VCID-f9nm-d5ax-qkcb

vulnerability	VCID-fcb7-8163-muf4

vulnerability	VCID-g7ux-4vz2-ckfg

vulnerability	VCID-gux4-dncg-h7a6

vulnerability	VCID-hhms-2hg6-nke9

vulnerability	VCID-kq38-7s5x-nqaz

vulnerability	VCID-ns6z-wp2x-fkdq

vulnerability	VCID-p155-gbtu-abg1

vulnerability	VCID-p8w1-7thk-z7bk

vulnerability	VCID-secz-78pt-dben

vulnerability	VCID-t45k-skv6-cfg2

vulnerability	VCID-u1p8-s8vm-3yer

vulnerability	VCID-v82t-s9e1-2fbw

vulnerability	VCID-w8ff-vxga-8qcz

vulnerability	VCID-wgur-psum-pbck

vulnerability	VCID-y41p-tgpa-m7cs

vulnerability	VCID-y44u-23he-aya8

resource_url http://public2.vulnerablecode.io/packages/pkg:generic/curl.se/curl@8.8.0

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6197.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-6197

reference_id

reference_type

scores

value	0.01302
scoring_system	epss
scoring_elements	0.80116
published_at	2026-06-06T12:55:00Z

value	0.01302
scoring_system	epss
scoring_elements	0.80112
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-6197

reference_url

https://curl.se/docs/CVE-2024-6197.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Medium
scoring_system	cvssv3.1
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/

url

https://curl.se/docs/CVE-2024-6197.html

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://hackerone.com/reports/2559516

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/

url

https://hackerone.com/reports/2559516

reference_url

http://www.openwall.com/lists/oss-security/2024/07/24/1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/

url

http://www.openwall.com/lists/oss-security/2024/07/24/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996
reference_id	1076996
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076996

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2299653
reference_id	2299653
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2299653

reference_url

http://www.openwall.com/lists/oss-security/2024/07/24/5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/

url

http://www.openwall.com/lists/oss-security/2024/07/24/5

reference_url

https://curl.se/docs/CVE-2024-6197.json

reference_id

CVE-2024-6197.json

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-24T18:42:30Z/

url

https://curl.se/docs/CVE-2024-6197.json

Weaknesses

cwe_id	590
name	Free of Memory not on the Heap
description	The product calls free() on a pointer to memory that was not allocated using associated heap allocation functions such as malloc(), calloc(), or realloc().

Exploits

Severity_range_score 4.0 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-85ne-e7gm-5ua9

Vulnerability Instance