CVE-2021-22898

Published: 11/06/2021 Updated: 20/09/2021
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 3.1 | Impact Score: 1.4 | Exploitability Score: 1.6
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Vulnerability Summary

curl 7.7 up to and including 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack-based buffer to the server, potentially revealing sensitive internal information to the server over a clear-text network protocol.

Vulnerable Product

haxx curl

apache guacamole 1.3.0

debian debian linux 9.0

fedoraproject fedora 33

fedoraproject fedora 34

oracle mysql server

Vendor Advisories

Debian Bug report logs - #989228 curl: CVE-2021-22898: TELNET stack contents disclosure. Package: src:curl; Maintainer for src:curl is Alessandro Ghedini <ghedo@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 29 May 2021 15:15:02 UTC; Severity: important; Tags: security, upstream; Found in ...
A vulnerability was found in curl where a flaw in the option parser for sending NEW_ENV variables libcurl can pass uninitialized data from a stack-based buffer to the server. This issue leads to potentially revealing sensitive internal information to the server using a clear-text network protocol. The highest threat from this vulnerability is to co ...
Arch Linux Security Advisory ASA-202106-9. Severity: Medium; Date: 2021-06-01; CVE-ID: CVE-2021-22898; Package: lib32-libcurl-gnutls; Type: information disclosure; Remote: Yes; Link: security.archlinux.org/AVG-2000. Summary: The package lib32-libcurl-gnutls before version 7.77.0-1 ...
Arch Linux Security Advisory ASA-202106-8. Severity: Medium; Date: 2021-06-01; CVE-ID: CVE-2021-22898; Package: libcurl-gnutls; Type: information disclosure; Remote: Yes; Link: security.archlinux.org/AVG-1999. Summary: The package libcurl-gnutls before version 7.77.0-1 is vulnerab ...
Arch Linux Security Advisory ASA-202106-4. Severity: High; Date: 2021-06-01; CVE-ID: CVE-2021-22898, CVE-2021-22901; Package: curl; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-1995. Summary: The package curl before version 7.77.0-1 is vulnerable to multiple ...
A security issue has been found in curl before version 7.77.0. curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from ...
Arch Linux Security Advisory ASA-202106-5. Severity: High; Date: 2021-06-01; CVE-ID: CVE-2021-22898, CVE-2021-22901; Package: lib32-curl; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-1996. Summary: The package lib32-curl before version 7.77.0-1 is vulnerable ...
Arch Linux Security Advisory ASA-202106-7. Severity: High; Date: 2021-06-01; CVE-ID: CVE-2021-22898, CVE-2021-22901; Package: lib32-libcurl-compat; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-1998. Summary: The package lib32-libcurl-compat before version 7 ...
Arch Linux Security Advisory ASA-202107-60. Severity: Medium; Date: 2021-07-21; CVE-ID: CVE-2021-22924, CVE-2021-22925; Package: lib32-curl; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-2195. Summary: The package lib32-curl before version 7.78.0-1 is vulner ...
Arch Linux Security Advisory ASA-202107-61. Severity: Medium; Date: 2021-07-21; CVE-ID: CVE-2021-22924, CVE-2021-22925; Package: libcurl-compat; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-2196. Summary: The package libcurl-compat before version 7.78.0-1 i ...
Arch Linux Security Advisory ASA-202106-6. Severity: High; Date: 2021-06-01; CVE-ID: CVE-2021-22898, CVE-2021-22901; Package: libcurl-compat; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-1997. Summary: The package libcurl-compat before version 7.77.0-1 is vu ...
Arch Linux Security Advisory ASA-202107-64. Severity: Medium; Date: 2021-07-21; CVE-ID: CVE-2021-22924, CVE-2021-22925; Package: lib32-libcurl-gnutls; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-2199. Summary: The package lib32-libcurl-gnutls before versio ...
Arch Linux Security Advisory ASA-202107-62. Severity: Medium; Date: 2021-07-21; CVE-ID: CVE-2021-22924, CVE-2021-22925; Package: lib32-libcurl-compat; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-2197. Summary: The package lib32-libcurl-compat before versio ...
Arch Linux Security Advisory ASA-202107-63. Severity: Medium; Date: 2021-07-21; CVE-ID: CVE-2021-22924, CVE-2021-22925; Package: libcurl-gnutls; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-2198. Summary: The package libcurl-gnutls before version 7.78.0-1 i ...
Arch Linux Security Advisory ASA-202107-59. Severity: Medium; Date: 2021-07-21; CVE-ID: CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925; Package: curl; Type: multiple issues; Remote: Yes; Link: security.archlinux.org/AVG-2194. Summary: The package curl before version ...

Mailing Lists

TELNET stack contents disclosure. Project curl Security Advisory, May 26th 2021 - [Permalink](curl.se/docs/CVE-2021-22898.html). VULNERABILITY: curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable=content pairs ...
TELNET stack contents disclosure again. Project curl Security Advisory, July 21st 2021 - [Permalink](curl.se/docs/CVE-2021-22925.html). VULNERABILITY: curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl. This rarely used option is used to send variable= ...

Github Repositories

CVE-2021-22898 Exploit: curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, r

Trivy Operator: Built with kopf. Main functions: Scheduled Image scans on running pods; Trivy Image Validator Admission controller. Inspired by knqyf263's trivy-enforcer and fleeto's trivy-scanner. Scheduled Image scans: Default every 5 minutes execute a scan script. It will get image list from all namespaces with the label trivy-scan=true, and then scan these images w

log4jnotes: solr: grype solr | grep -i 2021 ✔ Vulnerability DB [no update available] ✔ Pulled image ✔ Loaded image ✔ Parsed image ✔ Cataloged packages [503 packages] ✔ Scanned image [186 vulnerabilities] commons-io 2.5 CVE-2021-29425 Medium curl 7.74.0-1.3+b1 (won