AVG-1997 log
| Package | libcurl-compat |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 7.76.1-1 |
| Fixed | 7.77.0-1 |
| Current | 8.11.0-3 [core] |
| Ticket | None |
| Created | Wed May 26 07:33:08 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-22901 | High | Yes | Arbitrary code execution | libcurl before version 7.77.0 can be tricked into using already freed memory when a new TLS session is negotiated or a client certificate is requested on an... |
| CVE-2021-22898 | Medium | Yes | Information disclosure | A security issue has been found in curl before version 7.77.0. curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 01 Jun 2021 | ASA-202106-6 | libcurl-compat | multiple issues |