Lucene search
Veracode Vulnerability DatabaseVERACODE:31284HistoryJul 22, 2021 - 5:01 a.m.
Information Disclosure
2021-07-2205:01:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21
0.002 Low
EPSS
Percentile
56.8%
curl is vulnerable to information disclosure. The Metalink download causes credentials to be sent when downloading the metalink XML file.
References
cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
curl.se/docs/CVE-2021-22923.html
github.com/curl/curl/pull/7176
hackerone.com/reports/1213181
lists.fedoraproject.org/archives/list/[email protected]/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
security.netapp.com/advisory/ntap-20210902-0003/
www.oracle.com/security-alerts/cpuoct2021.html
Related
cve
cve
CVE-2021-22923
2021-08-05 21:15:11
nvd
nvd
CVE-2021-22923
2021-08-05 21:15:11
cbl_mariner
cbl_mariner
CVE-2021-22923 affecting package curl 7.76.0-9
2021-08-11 06:39:26
CVE-2021-22923 affecting package curl for versions less than 7.76.0-5
2022-04-09 06:51:45
redhatcve
redhatcve
CVE-2021-22923
2021-07-21 09:20:09
ubuntucve
ubuntucve
CVE-2021-22923
2021-07-21 00:00:00
f5
f5
K54308152 : cURL vulnerability CVE-2021-22923
2021-08-03 00:00:00
prion
prion
Default credentials
2021-08-05 21:15:00
hackerone
hackerone
curl: CVE-2021-22923: Metalink download sends credentials
2021-05-30 21:32:16
osv
osv
CVE-2021-22923
2021-08-05 21:15:11
Moderate: curl security update
2021-09-21 07:12:18
alpinelinux
alpinelinux
CVE-2021-22923
2021-08-05 21:15:11
cvelist
cvelist
CVE-2021-22923
2021-08-05 00:00:00
debiancve
debiancve
CVE-2021-22923
2021-08-05 21:15:11
openvas
openvas
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2627)
2021-11-03 00:00:00
openSUSE: Security Advisory for curl (openSUSE-SU-2021:1088-1)
2021-07-25 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2425-1)
2021-07-22 00:00:00
redhat
redhat
(RHSA-2021:3903) Moderate: curl security update
2021-10-19 06:26:14
(RHSA-2021:3582) Moderate: curl security update
2021-09-21 07:12:18
nessus
nessus
RHEL 8 : curl (RHSA-2021:3903)
2021-10-20 00:00:00
EulerOS 2.0 SP8 : curl (EulerOS-SA-2021-2627)
2021-11-02 00:00:00
Oracle Linux 8 : curl (ELSA-2021-3582)
2021-09-22 00:00:00
rocky
rocky
curl security update
2021-09-21 07:12:18
almalinux
almalinux
Moderate: curl security update
2021-09-21 07:12:18
oraclelinux
oraclelinux
curl security update
2021-09-21 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0273
2021-07-24 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0069
2021-07-25 00:00:00
Moderate Photon OS Security Update - PHSA-2021-3.0-0273
2021-07-24 00:00:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2021-07-27 23:21:53
suse
suse
Security update for curl (moderate)
2021-07-21 00:00:00
Security update for curl (moderate)
2021-07-24 00:00:00
slackware
slackware
[slackware-security] curl
2021-07-21 18:22:03
fedora
fedora
[SECURITY] Fedora 34 Update: curl-7.76.1-7.fc34
2021-07-23 01:06:01
[SECURITY] Fedora 33 Update: curl-7.71.1-10.fc33
2021-08-07 01:14:48
[SECURITY] Fedora 34 Update: curl-7.76.1-12.fc34
2021-09-21 15:33:29
amazon
amazon
Medium: curl
2021-09-08 23:35:00
archlinux
archlinux
[ASA-202107-59] curl: multiple issues
2021-07-21 00:00:00
freebsd
freebsd
cURL -- Multiple vulnerabilities
2021-07-21 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC
2021-11-01 20:13:42
gentoo
gentoo
curl: Multiple Vulnerabilities
2022-12-19 00:00:00
ics
ics
Siemens SINEC INS
2022-03-10 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
avleonov
avleonov