curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: all previous curl CVEs as JSON ?

From: Daniel Stenberg via curl-library <>
Date: Thu, 4 May 2023 17:18:51 +0200 (CEST)

On Tue, 2 May 2023, Daniel Stenberg via curl-library wrote:

Here's a little CVE as JSON update:

We now provide:

  - All CVEs as a big JSON array with objects.


  - Every CVE as a single JSON. Just change .html to .json on the CVE URL:

    Example URL:

  - Every release as a JSON array with the objects for the CVEs that particular
    release is vulnerable to.

    Example URL:

The JSON objects now comply and verify fine against the Open Source
Vulnerability format JSON schema:

I have done the boring job of updating the most recent 85 something CVEs and
made sure that they specify exactly which git commit that introduced and that
fixed the vulnerabilities in a standard format - so now all JSON objects for
curl CVEs since 2017 also provide git range info for the introduced/fixed


  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
Received on 2023-05-04