[FREEBSD:AA646C01-EA0D-11EB-9B84-D4C9EF517024] cURL -- Multiple vulnerabilities
Severity
High
Affected Packages
1
CVEs
5
The cURL project reports:
CURLOPT_SSLCERT mixup with Secure Transport (CVE-2021-22926)
TELNET stack contents disclosure again (CVE-2021-22925)
Bad connection reuse due to flawed path name checks (CVE-2021-92254)
Metalink download sends credentials (CVE-2021-92253)
Wrong content via metalink not discarded (CVE-2021-92252)
| Package | Affected Version |
|---|---|
 pkg:freebsd/curl
|
< 7.78.0 |
- ID
- FREEBSD:AA646C01-EA0D-11EB-9B84-D4C9EF517024
- Severity
- high
- Severity from
- CVE-2021-22926
- URL
- http://vuxml.freebsd.org/freebsd/aa646c01-ea0d-11eb-9b84-d4c9ef517024.html
- Published
-
2021-07-21T00:00:00
(3 years ago) - Modified
-
2021-07-21T00:00:00
(3 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
-
ALAS-2021-1525
-
ALAS2-2021-1700
-
ALPINE:CVE-2021-22922
-
ALPINE:CVE-2021-22923
-
ALPINE:CVE-2021-22924
-
ALPINE:CVE-2021-22925
-
ALPINE:CVE-2021-22926
-
ALSA-2021:3582
-
ALSA-2021:4511
-
ASA-202107-59
-
ASA-202107-60
-
ASA-202107-61
-
ASA-202107-62
-
ASA-202107-63
-
ASA-202107-64
-
CURL-CVE-2021-22922
-
CURL-CVE-2021-22923
-
CURL-CVE-2021-22924
-
CURL-CVE-2021-22925
-
CURL-CVE-2021-22926
-
DSA-5197-1
-
ELSA-2021-3582
-
ELSA-2021-4511
-
FEDORA-2021-5d21b90a30
-
FEDORA-2021-83fdddca0f
-
FEDORA-2021-c5584b92d4
-
FEDORA-2021-fc96a3a749
-
FREEBSD:C9387E4D-2F5F-11EC-8BE6-D4C9EF517024
-
GLSA-202212-01
-
openSUSE-SU-2021:1088-1
-
openSUSE-SU-2021:2439-1
-
RHSA-2021:3582
-
RHSA-2021:4511
-
RLSA-2021:4511
-
SSA:2021-202-02
-
SUSE-SU-2021:2425-1
-
SUSE-SU-2021:2439-1
-
SUSE-SU-2021:2440-1
-
SUSE-SU-2021:2462-1
-
USN-5021-1
-
USN-5021-2
-
USN-5894-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| FreeBSD VuXML |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:freebsd/curl |
curl
|
< 7.78.0 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |