Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-yubp-g4rt-c3e6
Vulnerability ID VCID-yubp-g4rt-c3e6
Aliases CVE-2015-3236
Summary Multiple vulnerabilities have been found in cURL, the worst of which can allow remote attackers to cause Denial of Service condition.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-201 Insertion of Sensitive Information Into Sent Data
CWE-305 Authentication Bypass by Primary Weakness
System Score Found at
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
epss 0.04525 https://api.first.org/data/v1/epss?cve=CVE-2015-3236
cvssv3.1 High https://curl.se/docs/CVE-2015-3236.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3236.json
https://api.first.org/data/v1/epss?cve=CVE-2015-3236
https://curl.se/docs/CVE-2015-3236.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236
1233816 https://bugzilla.redhat.com/show_bug.cgi?id=1233816
GLSA-201509-02 https://security.gentoo.org/glsa/201509-02
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.89112
EPSS Score 0.04525
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:01:27.997325+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201509-02 38.0.0