3.1
CVSSv3

CVE-2021-22898

Published: 11/06/2021 Updated: 21/11/2024

Vulnerability Summary

curl 7.7 up to and including 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

haxx curl

debian debian linux 9.0

fedoraproject fedora 33

fedoraproject fedora 34

oracle communications cloud native core binding support function 1.11.0

oracle communications cloud native core network function cloud native environment 1.10.0

oracle communications cloud native core network repository function 1.15.0

oracle communications cloud native core network repository function 1.15.1

oracle communications cloud native core network slice selection function 1.8.0

oracle communications cloud native core service communication proxy 1.15.0

oracle essbase

oracle mysql server

siemens sinec infrastructure network services

splunk universal forwarder

splunk universal forwarder 9.1.0

Vendor Advisories

Debian Bug report logs - #989228 curl: CVE-2021-22898: TELNET stack contents disclosure Package: src:curl; Maintainer for src:curl is Alessandro Ghedini <ghedo@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 29 May 2021 15:15:02 UTC Severity: important Tags: security, upstream Found in ...
Multiple security vulnerabilities have been discovered in cURL, an URL transfer library These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack For the stable distribution (bullseye), these problems have been fixed in version 7740-13+deb11u2 We ...
Synopsis Moderate: Red Hat OpenShift distributed tracing 210 security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat Openshit distributed tracing 21Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis Important: Release of containers for OSP 162 director operator tech preview Type/Severity Security Advisory: Important Topic Red Hat OpenStack Platform 162 (Train) director Operator containers areavailable for technology preview Description Release osp-director-operator imagesSecurity Fix(es): golang: net/http: limit growth of h ...
Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 12 (GitOps v122)Re ...
Synopsis Moderate: Release of OpenShift Serverless 1200 Type/Severity Security Advisory: Moderate Topic Release of OpenShift Serverless 1200Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo ...
Synopsis Moderate: Gatekeeper Operator v02 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Gatekeeper Operator v02Red Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available f ...
Synopsis Moderate: Red Hat Advanced Cluster Management 2211 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 2211 General Availability release images, which provide one or more container updates and bug fixesRed Hat Product Security has rated this update as ...
Synopsis Moderate: Migration Toolkit for Containers (MTC) 154 security update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 154 is now availableRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score, whichg ...
It was discovered that libcurl did not remove authentication credentials from URLs when automatically populating the Referer HTTP request header while handling HTTP redirects This could lead to exposure of the credentials to the server to which requests were redirected (CVE-2021-22876) A vulnerability was found in curl where a flaw in the option ...
A flaw was found in the way curl handled telnet protocol option for sending environment variables, which could lead to sending of uninitialized data from a stack-based buffer to the server This issue leads to potentially revealing sensitive internal information to the server using a clear-text network protocol (CVE-2021-22898) A flaw was found in ...
It was discovered that libcurl did not remove authentication credentials from URLs when automatically populating the Referer HTTP request header while handling HTTP redirects This could lead to exposure of the credentials to the server to which requests were redirected (CVE-2021-22876) A vulnerability was found in curl where a flaw in the option ...
A vulnerability was found in curl where a flaw in the option parser for sending NEW_ENV variables libcurl can pass uninitialized data from a stack-based buffer to the server This issue leads to potentially revealing sensitive internal information to the server using a clear-text network protocol The highest threat from this vulnerability is to co ...
A security issue has been found in curl before version 7770 curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl This rarely used option is used to send variable=content pairs to TELNET servers Due to flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from ...

ICS Advisories

Mailing Lists

TELNET stack contents disclosure ================================ Project curl Security Advisory, May 26th 2021 - [Permalink](curlse/docs/CVE-2021-22898html) VULNERABILITY ------------- curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl This rarely used option is used to send variable=content pairs ...
TELNET stack contents disclosure again ====================================== Project curl Security Advisory, July 21st 2021 - [Permalink](curlse/docs/CVE-2021-22925html) VULNERABILITY ------------- curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl This rarely used option is used to send variable= ...