#curl provides this listing and collection of ALL past security vulnerabilities at curl.se/docs/security.html

I claim that curl does this better than, yeah, just about all other projects. Because we put a lot of effort into it. Because we believe our users deserve it.