{
  "schemaVersion": "1.0.0",
  "binary": {
    "digest": "sha256:b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3",
    "purl": "pkg:deb/debian/curl@8.4.0-2",
    "arch": "linux-amd64",
    "filename": "libcurl.so.4"
  },
  "cve": {
    "id": "CVE-2023-38545",
    "advisory": "https://curl.se/docs/CVE-2023-38545.html",
    "patchCommit": "fb4415d8aee6c1"
  },
  "verdict": "patched",
  "confidence": 0.91,
  "evidence": [
    {
      "function": "socks5_resolve_local",
      "state": "patched",
      "score": 0.95,
      "method": "semantic_ksg",
      "hash": "sha256:1234abcd"
    },
    {
      "function": "Curl_SOCKS5",
      "state": "patched",
      "score": 0.88,
      "method": "cfg_structural",
      "hash": "sha256:5678efgh"
    },
    {
      "function": "socks_state",
      "state": "modified",
      "score": 0.85,
      "method": "semantic_ksg"
    }
  ],
  "tooling": {
    "binaryIndexVersion": "2.1.0",
    "lifter": "b2r2",
    "matchAlgorithm": "semantic_ksg",
    "normalizationRecipe": "stella-norm-v3"
  },
  "computedAt": "2026-01-28T12:00:00.000Z"
}