Lucene search
RedHatRHSA-2022:1354HistoryApr 13, 2022 - 1:42 p.m.
(RHSA-2022:1354) Moderate: rh-dotnet31-curl security update
2022-04-1313:42:42
access.redhat.com
29
0.009 Low
EPSS
Percentile
83.0%
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
Security Fix(es):
-
curl: Leak of authentication credentials in URL via automatic Referer (CVE-2021-22876)
-
curl: Bad connection reuse due to flawed path name checks (CVE-2021-22924)
-
curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols (CVE-2021-22946)
-
curl: Server responses received before STARTTLS processed after TLS handshake (CVE-2021-22947)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | rh-dotnet31-libcurl | <Â 7.61.1-22.el7_9 | rh-dotnet31-libcurl-7.61.1-22.el7_9.x86_64.rpm |
| RedHat | 7 | x86_64 | rh-dotnet31-curl | <Â 7.61.1-22.el7_9 | rh-dotnet31-curl-7.61.1-22.el7_9.x86_64.rpm |
| RedHat | 7 | x86_64 | rh-dotnet31-libcurl-devel | <Â 7.61.1-22.el7_9 | rh-dotnet31-libcurl-devel-7.61.1-22.el7_9.x86_64.rpm |
| RedHat | 7 | x86_64 | rh-dotnet31-curl-debuginfo | <Â 7.61.1-22.el7_9 | rh-dotnet31-curl-debuginfo-7.61.1-22.el7_9.x86_64.rpm |
Related
nessus
nessus
RHEL 7 : rh-dotnet31-curl (RHSA-2022:1354)
2022-04-14 00:00:00
EulerOS 2.0 SP9 : curl (EulerOS-SA-2022-1003)
2022-01-28 00:00:00
EulerOS 2.0 SP8 : curl (EulerOS-SA-2021-2798)
2021-12-25 00:00:00
osv
osv
Moderate: curl security update
2021-11-02 07:49:01
curl vulnerabilities
2021-09-15 12:34:55
curl regression
2021-09-21 13:07:33
rocky
rocky
curl security update
2021-11-02 07:49:01
ibm
ibm
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:14807-1)
2021-09-24 00:00:00
openSUSE: Security Advisory for curl (openSUSE-SU-2021:1384-1)
2021-10-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3297-1)
2021-10-07 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2021-09-15 00:00:00
curl regression
2021-09-21 00:00:00
curl vulnerabilities
2021-09-21 00:00:00
redhat
redhat
(RHSA-2021:4059) Moderate: curl security update
2021-11-02 07:49:01
(RHSA-2022:0635) Moderate: curl security update
2022-02-22 14:34:54
oraclelinux
oraclelinux
curl security update
2021-11-02 00:00:00
almalinux
almalinux
Moderate: curl security update
2021-11-02 07:49:01
amazon
amazon
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0102
2021-09-17 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0434
2021-09-17 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0301
2021-09-17 00:00:00
slackware
slackware
[slackware-security] curl
2021-09-16 03:11:12
[slackware-security] curl
2021-04-01 01:05:48
cloudfoundry
cloudfoundry
USN-5079-1: curl vulnerabilities | Cloud Foundry
2021-10-28 00:00:00
USN-4898-1: curl vulnerabilities | Cloud Foundry
2021-04-29 00:00:00
mageia
mageia
Updated curl packages fix security vulnerability
2021-09-23 07:49:29
fedora
fedora
[SECURITY] Fedora 35 Update: curl-7.79.1-1.fc35
2021-11-03 01:12:29
[SECURITY] Fedora 34 Update: curl-7.76.1-12.fc34
2021-09-21 15:33:29
[SECURITY] Fedora 33 Update: curl-7.71.1-11.fc33
2021-10-02 01:10:15
freebsd
freebsd
cURL -- Multiple vulnerabilities
2021-09-15 00:00:00
curl -- Automatic referer leaks credentials
2021-03-31 00:00:00
alpinelinux
alpinelinux
redhatcve
redhatcve
cloudlinux
cloudlinux
Fix of CVE-2021-22876
2021-04-01 14:02:42
Fix of CVE: CVE-2021-22924
2021-09-21 22:10:36
veracode
veracode
Information Disclosure
2021-04-01 00:29:21
Insecure SSL Configuration
2021-07-22 05:50:57
Denial Of Service (DoS)
2021-09-17 21:34:33
cve
cve
githubexploit
githubexploit
Exploit for Use of Incorrectly-Resolved Name or Reference in Haxx Libcurl
2022-04-30 03:40:15
cbl_mariner
cbl_mariner
CVE-2021-22924 affecting package curl 7.76.0-9
2021-08-11 06:39:26
CVE-2021-22924 affecting package curl for versions less than 7.76.0-5
2022-04-09 06:51:45
CVE-2021-22947 affecting package curl for versions less than 7.82.0-1
2022-04-09 06:51:45
prion
prion
Code injection
2021-08-05 21:15:00
Design/Logic Flaw
2021-09-29 20:15:00
Cross site request forgery (csrf)
2021-04-01 18:15:00
hackerone
hackerone
curl: CVE-2021-22924: Bad connection reuse due to flawed path name checks
2021-06-11 03:47:23
curl: CVE-2021-22946: Protocol downgrade required TLS bypassed
2021-09-09 00:34:37
curl: CVE-2021-22876: Automatic referer leaks credentials
2021-02-12 01:08:34
debiancve
debiancve
cvelist
cvelist
ubuntucve
ubuntucve
mscve
mscve
Open Source Curl Remote Code Execution Vulnerability
2022-01-11 08:00:00
ics
ics
Siemens Industrial Devices using libcurl (Update B)
2022-08-11 12:00:00