VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00731	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00847	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00847	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00847	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00847	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.00953	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01146	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.01243	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
epss	0.02607	https://api.first.org/data/v1/epss?cve=CVE-2016-9594
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=1408385
cvssv3.1	High	https://curl.se/docs/CVE-2016-9594.html
cvssv2	6.8	https://nvd.nist.gov/vuln/detail/CVE-2016-9594
cvssv3	8.1	https://nvd.nist.gov/vuln/detail/CVE-2016-9594
archlinux	Medium	https://security.archlinux.org/AVG-112
archlinux	Medium	https://security.archlinux.org/AVG-113
archlinux	Medium	https://security.archlinux.org/AVG-114
archlinux	Medium	https://security.archlinux.org/AVG-115
archlinux	Medium	https://security.archlinux.org/AVG-116
archlinux	Medium	https://security.archlinux.org/AVG-117

System

Score

Found at

cvssv3

6.5

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00731

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00847

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00847

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00847

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00847

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.00953

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01146

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.01243

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

epss

0.02607

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

rhbs

medium

https://bugzilla.redhat.com/show_bug.cgi?id=1408385

cvssv3.1

High

https://curl.se/docs/CVE-2016-9594.html

cvssv2

6.8

https://nvd.nist.gov/vuln/detail/CVE-2016-9594

cvssv3

8.1

https://nvd.nist.gov/vuln/detail/CVE-2016-9594

archlinux

Medium

https://security.archlinux.org/AVG-112

archlinux

Medium

https://security.archlinux.org/AVG-113

archlinux

Medium

https://security.archlinux.org/AVG-114

archlinux

Medium

https://security.archlinux.org/AVG-115

archlinux

Medium

https://security.archlinux.org/AVG-116

archlinux

Medium

https://security.archlinux.org/AVG-117

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-9594
		https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594
		https://curl.haxx.se/docs/adv_20161223.html
		https://curl.se/docs/CVE-2016-9594.html
		https://security.gentoo.org/glsa/201701-47
		https://www.tenable.com/security/tns-2017-04
		http://www.securityfocus.com/bid/95094
		http://www.securitytracker.com/id/1037528
1408385		https://bugzilla.redhat.com/show_bug.cgi?id=1408385
ASA-201612-22		https://security.archlinux.org/ASA-201612-22
ASA-201701-10		https://security.archlinux.org/ASA-201701-10
ASA-201701-11		https://security.archlinux.org/ASA-201701-11
ASA-201701-7		https://security.archlinux.org/ASA-201701-7
ASA-201701-8		https://security.archlinux.org/ASA-201701-8
ASA-201701-9		https://security.archlinux.org/ASA-201701-9
AVG-112		https://security.archlinux.org/AVG-112
AVG-113		https://security.archlinux.org/AVG-113
AVG-114		https://security.archlinux.org/AVG-114
AVG-115		https://security.archlinux.org/AVG-115
AVG-116		https://security.archlinux.org/AVG-116
AVG-117		https://security.archlinux.org/AVG-117
cpe:2.3:a:haxx:curl::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl::::::::
CVE-2016-9594		https://nvd.nist.gov/vuln/detail/CVE-2016-9594

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json

https://api.first.org/data/v1/epss?cve=CVE-2016-9594

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594

https://curl.haxx.se/docs/adv_20161223.html

https://curl.se/docs/CVE-2016-9594.html

https://security.gentoo.org/glsa/201701-47

https://www.tenable.com/security/tns-2017-04

http://www.securityfocus.com/bid/95094

http://www.securitytracker.com/id/1037528

1408385

https://bugzilla.redhat.com/show_bug.cgi?id=1408385

ASA-201612-22

https://security.archlinux.org/ASA-201612-22

ASA-201701-10

https://security.archlinux.org/ASA-201701-10

ASA-201701-11

https://security.archlinux.org/ASA-201701-11

ASA-201701-7

https://security.archlinux.org/ASA-201701-7

ASA-201701-8

https://security.archlinux.org/ASA-201701-8

ASA-201701-9

https://security.archlinux.org/ASA-201701-9

AVG-112

https://security.archlinux.org/AVG-112

AVG-113

https://security.archlinux.org/AVG-113

AVG-114

https://security.archlinux.org/AVG-114

AVG-115

https://security.archlinux.org/AVG-115

AVG-116

https://security.archlinux.org/AVG-116

AVG-117

https://security.archlinux.org/AVG-117

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

CVE-2016-9594

https://nvd.nist.gov/vuln/detail/CVE-2016-9594

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-d549-5ckr-aaaf
Aliases	CVE-2016-9594
Summary	curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.
Status	Published
Exploitability	0.5
Weighted Severity	7.3
Risk	3.6
Affected and Fixed Packages	Package Details

CWE-665	Improper Initialization
CWE-330	Use of Insufficiently Random Values

Percentile	0.71478
EPSS Score	0.00731
Published At	May 4, 2025, 12:55 p.m.