diff --git a/cve_bin_tool/data_sources/curl_source.py b/cve_bin_tool/data_sources/curl_source.py
index 0e54ea25f4..41fe409426 100644
--- a/cve_bin_tool/data_sources/curl_source.py
+++ b/cve_bin_tool/data_sources/curl_source.py
@@ -37,7 +37,7 @@ def __init__(self, error_mode=ErrorMode.TruncTrace):
         self.session = None
         self.affected_data = None
         self.source_name = self.SOURCE
-        self.vulnerbility_data = []
+        self.vulnerability_data = []
 
     async def get_cve_data(self):
         await self.fetch_cves()
@@ -59,16 +59,16 @@ async def fetch_cves(self):
     async def download_curl_vulnerabilities(self, session: RateLimiter) -> None:
         async with await session.get(self.DATA_SOURCE_LINK) as response:
             response.raise_for_status()
-            self.vulnerbility_data = await response.json()
+            self.vulnerability_data = await response.json()
         path = Path(str(Path(self.cachedir) / "vuln.json"))
         filepath = path.resolve()
         async with FileIO(filepath, "w") as f:
-            await f.write(json.dumps(self.vulnerbility_data, indent=4))
+            await f.write(json.dumps(self.vulnerability_data, indent=4))
 
     def get_cve_list(self):
         self.affected_data = []
 
-        for cve in self.vulnerbility_data:
+        for cve in self.vulnerability_data:
             affected = {
                 "cve_id": cve["aliases"][0],
                 "vendor": "haxx",