OESA-2021-1300 curl security update

🗓️ 06 Aug 2021 11:03:07Reported by GoogleType

osv🔗 osv.dev👁 1 Views

Fix libcurl connection reuse to respect issuer certificate and case sensitive paths to CVE 2021 22924.

Reporter	Title	Published	Views	Family All 372
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Curl affect PowerSC	1 Nov 202120:13	–	ibm
IBM Security Bulletins	Security Bulletin: The Community Edition of IBM ILOG CPLEX Optimization Studio is affected by a vulnerability in libcurl (CVE-2021-22924)	4 Oct 202115:50	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in libcURL affect IBM Rational ClearCase ( CVE-2021-22924)	22 Dec 202115:42	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - curl (CVE-2021-22924)	22 Apr 202214:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct for UNIX Certified Container is affected by multiple vulnerabilities in Red Hat Universal Base Image version 8.4-206.1626828523 and Binutils version 2.30-93	14 Mar 202220:12	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MaaS360 Cloud Extender and Modules have various vulnerabilities (CVE-2021-22924, CVE-2021-3712)	20 Jan 202222:43	–	ibm
FreeBSD	cURL -- Multiple vulnerabilities	21 Jul 202100:00	–	freebsd
Tenable Nessus	Amazon Linux 2 : curl, --advisory ALAS2-2021-1700 (ALAS-2021-1700)	16 Sep 202100:00	–	nessus
Tenable Nessus	Amazon Linux AMI : curl (ALAS-2021-1525)	9 Sep 202100:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0070: curl (ALINUX3-SA-2021:0070)	14 May 202500:00	–	nessus

Source	Link
openeuler	www.openeuler.org/en/security/safety-bulletin/detail.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-22924

03 Sep 2025 06:17Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.13.7

CVSS 24.3

EPSS0.0056

SSVC