Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017588)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017588 advisory. curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Du...

SUSE CVE-2021-22898

curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEWENV variables, libcurl could be made to pass on...

SUSE CVE-2021-22925

curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEWENV variables, libcurlcould be made to pass on uninitialized data from a stack based...

curl: TELNET stack contents disclosure

A flaw was found in the way curl handled telnet protocol option for sending environment variables, which could lead to sending of uninitialized data from a stack-based buffer to the server. This issue leads to potentially revealing sensitive internal information to the server using a clear-text...

OESA-2021-1321 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pai...

AZL-6363 CVE-2021-22925 affecting package curl for versions less than 7.76.0-5

curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending NEWENV variables, libcurlcould be made to pass on uninitialized data from a stack based...

AZL-6359 CVE-2021-22898 affecting package curl for versions less than 7.76.0-5

curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEWENV variables, libcurl could be made to pass on...

CURL-CVE-2021-22898 TELNET stack contents disclosure

curl supports the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to flaw in the option parser for sending NEWENV variables, libcurl could be made to pass on uninitialized data from a stack bas...

Zebra and Quagga Remote DoS

A remote DoS exists in Zebra and/or Quagga when sending a telnet option delimiter with no actual option data. An attacker may exploit this flaw to prevent this host from doing proper routing. This affects all versions from 0.90a to 0.93b. OpenVAS Vulnerability Test $Id: zebrados.nasl 6046...

Cisco IOS Software TELNET Option Handling Vulnerability

...