CVE-2021-22898
Published at:
-
11-06-2021 06:15
Last modified:
-
30-08-2022 09:09
Total changes:
-
19
Description
Common Vulnerability Scoring System (CVSS)
High
Attack complexity
Network
Attack vector
None
Availability
Low
Confidentiality
None
Integrity
None
Privileges required
Unchanged
Scope
Required
User interaction
3.1
Base score
1.6
1.4
Exploitability score
Impact score
Verification logic
Reference
- https://hackerone.com/reports/1176461
- https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
- https://curl.se/docs/CVE-2021-22898.html
- [guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans.-Mailing List, Third Party Advisory
- N/A-Patch, Third Party Advisory
- [oss-security] 20210721 [SECURITY ADVISORY] curl: TELNET stack contents disclosure again-Mailing List, Patch, Third Party Advisory
- FEDORA-2021-83fdddca0f-Mailing List, Third Party Advisory
- FEDORA-2021-5d21b90a30-Mailing List, Third Party Advisory
- [debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update-Mailing List, Third Party Advisory
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://www.oracle.com/security-alerts/cpuapr2022.html
- DSA-5197-Third Party Advisory
- [debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update-Third Party Advisory
Keywords