6.7 Medium
AI Score
Confidence
Low
0.012 Low
EPSS
Percentile
85.5%
curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl’s internal function that returns a good 32bit random value. Having a weak or virtually non-existent random value makes the operations that use it vulnerable.
www.securityfocus.com/bid/95094
www.securitytracker.com/id/1037528
bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9594
curl.haxx.se/docs/adv_20161223.html
security.gentoo.org/glsa/201701-47
www.tenable.com/security/tns-2017-04