Lucene search
HackeroneCVELIST:CVE-2021-22945HistorySep 23, 2021 - 12:00 a.m.
CVE-2021-22945
2021-09-2300:00:00
CWE-415
hackerone
www.cve.org
1
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again.
CNA Affected
[
{
"vendor": "n/a",
"product": "https://github.com/curl/curl",
"versions": [
{
"version": "curl 7.73.0 to and including 7.78.0",
"status": "affected"
}
]
}
]References
seclists.org/fulldisclosure/2022/Mar/29
cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
hackerone.com/reports/1269242
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
security.gentoo.org/glsa/202212-01
security.netapp.com/advisory/ntap-20211029-0003/
support.apple.com/kb/HT213183
www.debian.org/security/2022/dsa-5197
www.oracle.com/security-alerts/cpuoct2021.html
Related
ibm
ibm
Security Bulletin: The Community Edition of IBM ILOG CPLEX Optimization Studio is affected by a vulnerability in libcurl (CVE-2021-22945)
2021-10-04 15:52:01
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - curl (CVE-2021-22945)
2022-04-22 20:08:16
Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC
2021-11-01 20:13:42
hackerone
hackerone
curl: CVE-2021-22945: UAF and double-free in MQTT sending
2021-07-19 18:20:56
cve
cve
CVE-2021-22945
2021-09-23 13:15:08
veracode
veracode
Denial Of Service (DoS)
2021-09-17 21:34:21
osv
osv
CVE-2021-22945
2021-09-23 13:15:08
curl vulnerabilities
2021-09-15 11:11:13
curl vulnerabilities
2021-09-21 11:34:54
nvd
nvd
CVE-2021-22945
2021-09-23 13:15:08
alpinelinux
alpinelinux
CVE-2021-22945
2021-09-23 13:15:08
cbl_mariner
cbl_mariner
CVE-2021-22945 affecting package curl 7.76.0-9
2021-10-05 03:00:51
CVE-2021-22945 affecting package curl for versions less than 7.82.0-1
2022-04-09 06:51:45
redhatcve
redhatcve
CVE-2021-22945
2021-09-15 06:52:09
ubuntucve
ubuntucve
CVE-2021-22945
2021-09-15 00:00:00
prion
prion
Double free
2021-09-23 13:15:00
debiancve
debiancve
CVE-2021-22945
2021-09-23 13:15:08
slackware
slackware
[slackware-security] curl
2021-09-16 03:11:12
nessus
nessus
Photon OS 2.0: Curl PHSA-2021-2.0-0392
2021-09-21 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : curl vulnerabilities (USN-5079-1)
2021-09-15 00:00:00
Photon OS 1.0: Curl PHSA-2021-1.0-0434
2021-09-21 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0434
2021-09-17 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0301
2021-09-17 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0102
2021-09-17 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5079-1)
2021-09-16 00:00:00
Mageia: Security Advisory (MGASA-2021-0438)
2022-01-28 00:00:00
Slackware: Security Advisory (SSA:2021-258-01)
2022-04-21 00:00:00
amazon
amazon
Medium: curl
2021-12-08 02:22:00
ubuntu
ubuntu
curl vulnerabilities
2021-09-21 00:00:00
curl vulnerabilities
2021-09-15 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: curl-7.79.1-1.fc35
2021-11-03 01:12:29
[SECURITY] Fedora 34 Update: curl-7.76.1-12.fc34
2021-09-21 15:33:29
[SECURITY] Fedora 33 Update: curl-7.71.1-11.fc33
2021-10-02 01:10:15
mageia
mageia
Updated curl packages fix security vulnerability
2021-09-23 07:49:29
cloudfoundry
cloudfoundry
USN-5079-1: curl vulnerabilities | Cloud Foundry
2021-10-28 00:00:00
freebsd
freebsd
cURL -- Multiple vulnerabilities
2021-09-15 00:00:00
debian
debian
[SECURITY] [DSA 5197-1] curl security update
2022-08-01 16:58:44
gentoo
gentoo
curl: Multiple Vulnerabilities
2022-12-19 00:00:00
apple
apple
About the security content of macOS Monterey 12.3
2022-03-14 00:00:00
ics
ics
Siemens SINEC INS
2022-03-10 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00