AVG-1997 log

Package libcurl-compat
Status Fixed
Severity High
Type multiple issues
Affected 7.76.1-1
Fixed 7.77.0-1
Current 8.7.1-1 [core-testing]
8.6.0-4 [core]
Ticket None
Created Wed May 26 07:33:08 2021
Issue Severity Remote Type Description
CVE-2021-22901 High Yes Arbitrary code execution
libcurl before version 7.77.0 can be tricked into using already freed memory when a new TLS session is negotiated or a client certificate is requested on an...
CVE-2021-22898 Medium Yes Information disclosure
A security issue has been found in curl before version 7.77.0. curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This...
Date Advisory Package Type
01 Jun 2021 ASA-202106-6 libcurl-compat multiple issues