[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2013-0249":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":84,"duplicate_of":9,"upstream":85,"downstream":86,"duplicates":91,"related":92,"reserved_at":9,"published_at":94,"modified_at":95,"state":96,"summary":97,"references_raw":104,"kevs":170,"epss":171,"epss_history":174,"metrics":410,"affected":415},"CVE-2013-0249","Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[69],{"_key":70,"name":71,"source":72,"url":73,"maturity":74,"reliability_score":75,"verified":76,"type":77,"platforms":78,"requires_auth":9,"exploitdb":80,"metasploit":9},"24487","cURL - Buffer Overflow (PoC)","exploit-database","https://www.exploit-db.com/exploits/24487","poc",0.5,false,"dos",[79],"linux",{"verified":76,"type":77,"platform":79,"file":81,"codes":82},"exploits/linux/dos/24487.py",[7,83],"OSVDB-89988",[],[],[87,89],{"_key":88},"OPENSUSE-SU-2024:10303-1",{"_key":90},"DEBIAN-CVE-2013-0249",[],[93],{"_key":88},"2013-03-08T22:00:00.000Z","2024-08-06T14:18:09.560Z","Modified",{"cisa_kev":76,"cisa_ransomware":76,"cisa_vendor":9,"epss_severity":98,"epss_score":99,"severity":98,"severity_score":100,"severity_version":101,"severity_source":102,"severity_vector":103,"severity_status":96},"high",0.44202,7.5,"v2.0","nvd","AV:N/AC:L/Au:N/C:P/I:P/A:P",[105,111,116,122,128,134,139,144,149,154,158,162,166],{"url":106,"sources":107,"tags":109},"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",[108,102],"cve.org",[110],"X Refsource CONFIRM",{"url":112,"sources":113,"tags":114},"http://packetstormsecurity.com/files/120170/Slackware-Security-Advisory-curl-Updates.html",[108,102],[115],"X Refsource MISC",{"url":117,"sources":118,"tags":119},"http://www.securityfocus.com/bid/57842",[108,102],[120,121],"VDB Entry","X Refsource BID",{"url":123,"sources":124,"tags":125},"http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html",[108,102],[126,127],"Vendor Advisory","X Refsource APPLE",{"url":129,"sources":130,"tags":131},"http://www.exploit-db.com/exploits/24487",[108,102],[132,133],"Exploit","X Refsource EXPLOIT DB",{"url":135,"sources":136,"tags":137},"http://www.ubuntu.com/usn/USN-1721-1",[108,102],[126,138],"X Refsource UBUNTU",{"url":140,"sources":141,"tags":142},"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099140.html",[108,102],[126,143],"X Refsource FEDORA",{"url":145,"sources":146,"tags":147},"http://www.securitytracker.com/id/1028093",[108,102],[120,148],"X Refsource SECTRACK",{"url":150,"sources":151,"tags":152},"http://www.osvdb.org/89988",[108,102],[120,153],"X Refsource OSVDB",{"url":155,"sources":156,"tags":157},"http://packetstormsecurity.com/files/120147/cURL-Buffer-Overflow.html",[108,102],[115],{"url":159,"sources":160,"tags":161},"http://blog.volema.com/curl-rce.html",[108,102],[115],{"url":163,"sources":164,"tags":165},"http://curl.haxx.se/docs/adv_20130206.html",[108,102],[110,126],{"url":167,"sources":168,"tags":169},"http://nakedsecurity.sophos.com/2013/02/10/anatomy-of-a-vulnerability-curl-web-download-toolkit-holed-by-authentication-bug/",[108,102],[115],[],{"date":172,"score":99,"percentile":173},"2026-06-04",0.97617,[175,179,181,183,186,188,190,192,195,198,200,203,205,208,211,214,217,220,223,225,227,229,232,234,237,240,242,244,247,249,252,254,256,258,261,264,266,269,272,275,278,280,283,286,289,292,295,297,299,302,304,306,309,312,315,318,321,323,326,329,331,333,336,339,341,344,347,350,353,356,358,361,364,367,370,372,375,377,380,382,385,388,391,394,396,398,400,403,405,407],{"date":176,"score":177,"percentile":178},"2025-11-04",0.51157,0.97727,{"date":180,"score":177,"percentile":178},"2025-11-05",{"date":182,"score":177,"percentile":178},"2025-11-06",{"date":184,"score":177,"percentile":185},"2025-11-07",0.9773,{"date":187,"score":177,"percentile":185},"2025-11-08",{"date":189,"score":177,"percentile":185},"2025-11-09",{"date":191,"score":177,"percentile":185},"2025-11-10",{"date":193,"score":177,"percentile":194},"2025-11-11",0.97732,{"date":196,"score":177,"percentile":197},"2025-11-12",0.97735,{"date":199,"score":177,"percentile":197},"2025-11-13",{"date":201,"score":177,"percentile":202},"2025-11-14",0.97736,{"date":204,"score":177,"percentile":194},"2025-11-15",{"date":206,"score":177,"percentile":207},"2025-11-16",0.97734,{"date":209,"score":177,"percentile":210},"2025-11-17",0.97733,{"date":212,"score":177,"percentile":213},"2025-11-18",0.97752,{"date":215,"score":177,"percentile":216},"2025-11-19",0.97753,{"date":218,"score":177,"percentile":219},"2025-11-20",0.9776,{"date":221,"score":177,"percentile":222},"2025-11-21",0.97737,{"date":224,"score":177,"percentile":202},"2025-11-22",{"date":226,"score":177,"percentile":202},"2025-11-23",{"date":228,"score":177,"percentile":222},"2025-11-24",{"date":230,"score":177,"percentile":231},"2025-11-25",0.97739,{"date":233,"score":177,"percentile":231},"2025-11-26",{"date":235,"score":177,"percentile":236},"2025-11-27",0.9774,{"date":238,"score":177,"percentile":239},"2025-11-28",0.97738,{"date":241,"score":177,"percentile":239},"2025-11-29",{"date":243,"score":177,"percentile":222},"2025-11-30",{"date":245,"score":177,"percentile":246},"2025-12-01",0.97755,{"date":248,"score":177,"percentile":246},"2025-12-02",{"date":250,"score":177,"percentile":251},"2025-12-03",0.97756,{"date":253,"score":177,"percentile":239},"2025-12-04",{"date":255,"score":177,"percentile":239},"2025-12-05",{"date":257,"score":177,"percentile":231},"2025-12-06",{"date":259,"score":99,"percentile":260},"2025-12-07",0.97391,{"date":262,"score":99,"percentile":263},"2025-12-08",0.97393,{"date":265,"score":99,"percentile":263},"2025-12-09",{"date":267,"score":99,"percentile":268},"2025-12-10",0.97398,{"date":270,"score":99,"percentile":271},"2025-12-11",0.974,{"date":273,"score":99,"percentile":274},"2025-12-12",0.97401,{"date":276,"score":99,"percentile":277},"2025-12-13",0.97403,{"date":279,"score":99,"percentile":274},"2025-12-14",{"date":281,"score":99,"percentile":282},"2025-12-15",0.97402,{"date":284,"score":99,"percentile":285},"2025-12-16",0.97405,{"date":287,"score":99,"percentile":288},"2025-12-17",0.97407,{"date":290,"score":99,"percentile":291},"2025-12-18",0.97409,{"date":293,"score":99,"percentile":294},"2025-12-19",0.97411,{"date":296,"score":99,"percentile":294},"2025-12-20",{"date":298,"score":99,"percentile":291},"2025-12-21",{"date":300,"score":99,"percentile":301},"2025-12-22",0.97408,{"date":303,"score":99,"percentile":301},"2025-12-23",{"date":305,"score":99,"percentile":291},"2025-12-24",{"date":307,"score":99,"percentile":308},"2025-12-25",0.97412,{"date":310,"score":99,"percentile":311},"2025-12-26",0.97413,{"date":313,"score":99,"percentile":314},"2025-12-27",0.97438,{"date":316,"score":99,"percentile":317},"2025-12-28",0.97414,{"date":319,"score":99,"percentile":320},"2025-12-29",0.97415,{"date":322,"score":99,"percentile":320},"2025-12-30",{"date":324,"score":99,"percentile":325},"2025-12-31",0.97419,{"date":327,"score":99,"percentile":328},"2026-01-01",0.97441,{"date":330,"score":99,"percentile":328},"2026-01-02",{"date":332,"score":99,"percentile":328},"2026-01-03",{"date":334,"score":99,"percentile":335},"2026-01-04",0.97422,{"date":337,"score":99,"percentile":338},"2026-01-05",0.9742,{"date":340,"score":99,"percentile":335},"2026-01-06",{"date":342,"score":99,"percentile":343},"2026-01-07",0.97421,{"date":345,"score":99,"percentile":346},"2026-01-08",0.97424,{"date":348,"score":99,"percentile":349},"2026-01-09",0.97427,{"date":351,"score":99,"percentile":352},"2026-01-10",0.97429,{"date":354,"score":99,"percentile":355},"2026-01-11",0.97428,{"date":357,"score":99,"percentile":355},"2026-01-12",{"date":359,"score":99,"percentile":360},"2026-01-13",0.9743,{"date":362,"score":99,"percentile":363},"2026-01-14",0.97432,{"date":365,"score":99,"percentile":366},"2026-01-15",0.97433,{"date":368,"score":99,"percentile":369},"2026-01-16",0.97435,{"date":371,"score":99,"percentile":369},"2026-01-17",{"date":373,"score":99,"percentile":374},"2026-01-18",0.97431,{"date":376,"score":99,"percentile":366},"2026-01-19",{"date":378,"score":99,"percentile":379},"2026-01-20",0.97434,{"date":381,"score":99,"percentile":369},"2026-01-21",{"date":383,"score":99,"percentile":384},"2026-01-22",0.97436,{"date":386,"score":99,"percentile":387},"2026-01-23",0.97439,{"date":389,"score":99,"percentile":390},"2026-01-24",0.9744,{"date":392,"score":99,"percentile":393},"2026-01-25",0.97437,{"date":395,"score":99,"percentile":387},"2026-01-26",{"date":397,"score":99,"percentile":390},"2026-01-27",{"date":399,"score":99,"percentile":328},"2026-01-28",{"date":401,"score":99,"percentile":402},"2026-01-29",0.97442,{"date":404,"score":99,"percentile":328},"2026-01-30",{"date":406,"score":99,"percentile":402},"2026-01-31",{"date":408,"score":99,"percentile":409},"2026-02-01",0.97464,[411],{"source":102,"cvss_v2_0":412,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":100,"baseSeverity":9,"vectorString":103,"impactScore":413,"exploitabilityScore":414},6.4,10,[416,425,438],{"ecosystem":9,"name":417,"vendor":418,"product":419,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"ubuntu linux","canonical","ubuntu_linux","o",[422],{"version":423,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.10","cpe",{"ecosystem":9,"name":426,"vendor":427,"product":426,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":429},"curl","haxx","a",[430,432,434,436],{"version":431,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.26.0",{"version":433,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.27.0",{"version":435,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.28.0",{"version":437,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.28.1",{"ecosystem":9,"name":439,"vendor":427,"product":439,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":440},"libcurl",[441,442,443,444],{"version":431,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":433,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":435,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":437,"is_range":76,"range_type":424,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]