[FREEBSD:AA646C01-EA0D-11EB-9B84-D4C9EF517024] cURL -- Multiple vulnerabilities
Severity
High
Affected Packages
1
CVEs
5
The cURL project reports:
CURLOPT_SSLCERT mixup with Secure Transport (CVE-2021-22926)
TELNET stack contents disclosure again (CVE-2021-22925)
Bad connection reuse due to flawed path name checks (CVE-2021-92254)
Metalink download sends credentials (CVE-2021-92253)
Wrong content via metalink not discarded (CVE-2021-92252)
Package | Affected Version |
---|---|
pkg:freebsd/curl | < 7.78.0 |
- ID
- FREEBSD:AA646C01-EA0D-11EB-9B84-D4C9EF517024
- Severity
- high
- Severity from
- CVE-2021-22926
- URL
- http://vuxml.freebsd.org/freebsd/aa646c01-ea0d-11eb-9b84-d4c9ef517024.html
- Published
-
2021-07-21T00:00:00
(3 years ago) - Modified
-
2021-07-21T00:00:00
(3 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS-2021-1525
- ALAS2-2021-1700
- ALPINE:CVE-2021-22922
- ALPINE:CVE-2021-22923
- ALPINE:CVE-2021-22924
- ALPINE:CVE-2021-22925
- ALPINE:CVE-2021-22926
- ALSA-2021:3582
- ALSA-2021:4511
- ASA-202107-59
- ASA-202107-60
- ASA-202107-61
- ASA-202107-62
- ASA-202107-63
- ASA-202107-64
- CURL-CVE-2021-22922
- CURL-CVE-2021-22923
- CURL-CVE-2021-22924
- CURL-CVE-2021-22925
- CURL-CVE-2021-22926
- DSA-5197-1
- ELSA-2021-3582
- ELSA-2021-4511
- FEDORA-2021-5d21b90a30
- FEDORA-2021-83fdddca0f
- FEDORA-2021-c5584b92d4
- FEDORA-2021-fc96a3a749
- FREEBSD:C9387E4D-2F5F-11EC-8BE6-D4C9EF517024
- GLSA-202212-01
- openSUSE-SU-2021:1088-1
- openSUSE-SU-2021:2439-1
- RHSA-2021:3582
- RHSA-2021:4511
- RLSA-2021:4511
- SSA:2021-202-02
- SUSE-SU-2021:2425-1
- SUSE-SU-2021:2439-1
- SUSE-SU-2021:2440-1
- SUSE-SU-2021:2462-1
- USN-5021-1
- USN-5021-2
- USN-5894-1
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://curl.se/docs/vuln-7.77.0.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/curl | curl | < 7.78.0 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |