CVE-2021-22925
Severity
5.3MEDIUM
EPSS
0.4%
top 37.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 5
Latest updateFeb 27
Description
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() co…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4
Affected Packages11 packages
Also affects: Fedora 33
Patches
🔴Vulnerability Details
6GHSA▶
GHSA-rjqf-6h27-xqfp: curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl↗2022-05-24
OSV▶
CVE-2021-22925: curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl↗2021-08-05
CVEList▶
CVE-2021-22925: curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl↗2021-08-05
📋Vendor Advisories
8Microsoft▶
curl supports the `-t` command line option known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser ↗2021-08-10