Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-22898
HistoryMay 26, 2021 - 12:00 a.m.

CVE-2021-22898

2021-05-2600:00:00
ubuntu.com
ubuntu.com
25

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

EPSS

0.002

Percentile

58.3%

curl 7.7 through 7.76.1 suffers from an information disclosure when the
-t command line option, known as CURLOPT_TELNETOPTIONS in libcurl, is
used to send variable=content pairs to TELNET servers. Due to a flaw in the
option parser for sending NEW_ENV variables, libcurl could be made to pass
on uninitialized data from a stack based buffer to the server, resulting in
potentially revealing sensitive internal information to the server using a
clear-text network protocol.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchcurl< 7.58.0-2ubuntu3.14UNKNOWN
ubuntu20.04noarchcurl< 7.68.0-1ubuntu2.6UNKNOWN
ubuntu21.04noarchcurl< 7.74.0-1ubuntu2.1UNKNOWN
ubuntu21.10noarchcurl< 7.74.0-1.2ubuntu4UNKNOWN
ubuntu22.04noarchcurl< 7.74.0-1.2ubuntu4UNKNOWN
ubuntu22.10noarchcurl< 7.74.0-1.2ubuntu4UNKNOWN
ubuntu23.04noarchcurl< 7.74.0-1.2ubuntu4UNKNOWN
ubuntu14.04noarchcurl< 7.35.0-1ubuntu2.20+esm14UNKNOWN
ubuntu16.04noarchcurl< 7.47.0-1ubuntu2.19+esm3UNKNOWN

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

EPSS

0.002

Percentile

58.3%