Showing 1 - 14 of 14

CVE-2021-22923

Status Candidate

Overview

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened.

Related Files

Gentoo Linux Security Advisory 202212-01: Posted Dec 19, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202212-1 - Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Versions less than 7.86.0 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22925, CVE-2021-22926, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781; SHA-256 | e297fe6f1bca3eb09660ab5922cdfac1c9a3279734e9e89e74cc758a3e08ac46; Download | Favorite | View

Red Hat Security Advisory 2021-4725-03: Posted Nov 18, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4725-03 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 2.6.8 images.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-25648, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-29923, CVE-2021-34558, CVE-2021-36222, CVE-2021-3653, CVE-2021-3733, CVE-2021-37750; SHA-256 | 00aec26b5e44879b921222ad5caa4a2a5bb4ed97adfe718c6cc6619b1e9c65c6; Download | Favorite | View

Red Hat Security Advisory 2021-4618-01: Posted Nov 12, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4618-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2020-36385, CVE-2021-0512, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22946, CVE-2021-22947, CVE-2021-23017, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32690, CVE-2021-32803, CVE-2021-32804, CVE-2021-33623, CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-36222, CVE-2021-3656, CVE-2021-3711, CVE-2021-3712, CVE-2021-3733; SHA-256 | 14809d9261f291a519a153713fcca44c926124a2a48c8d989887911783dba47f; Download | Favorite | View

Red Hat Security Advisory 2021-4582-02: Posted Nov 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4582-02 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring. Security fixes: golang: crypto/tls: certificate of wrong type is causing TLS client to panic.; tags | advisory, remote, cryptography; systems | linux, redhat; advisories | CVE-2019-3842, CVE-2020-13776, CVE-2021-22922, CVE-2021-22923, CVE-2021-34558, CVE-2021-3620; SHA-256 | f28cc76ddb412145654050664da26602d7c4d62da2e36475367e140177eb756a; Download | Favorite | View

Red Hat Security Advisory 2021-4104-01: Posted Nov 3, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4104-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-25648, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-3121, CVE-2021-31525, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750; SHA-256 | a0f4016bf01db767d10a8aa69fb754c9e874b8c8f685fdd273d310c8660ce13c; Download | Favorite | View

Red Hat Security Advisory 2021-3949-01: Posted Oct 21, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3949-01 - Red Hat Advanced Cluster Management for Kubernetes 2.1.12 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains updates to one or more container images for Red Hat Advanced Cluster Management for Kubernetes. Issues addressed include denial of service, integer overflow, and out of bounds read vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2016-4658, CVE-2021-22543, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23840, CVE-2021-23841, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-36222, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576, CVE-2021-37750, CVE-2021-41099; SHA-256 | da3bb0a2f0aedf1b55d5f8cbbece5dc6749623ae797a40f9e1cf9bf6796ee1a4; Download | Favorite | View

Red Hat Security Advisory 2021-3925-01: Posted Oct 20, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3925-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and provide security updates. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds read vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2016-4658, CVE-2020-25648, CVE-2021-21670, CVE-2021-21671, CVE-2021-22543, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-23840, CVE-2021-23841, CVE-2021-25741, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32690, CVE-2021-36222, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576, CVE-2021-37750, CVE-2021-41099; SHA-256 | fd1035fefbb8b3d06fa3e4a659771a25d330eb9fd90f1ff55f4f16a1d0ab3d2c; Download | Favorite | View

Red Hat Security Advisory 2021-3917-01: Posted Oct 19, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3917-01 - Quay 3.6.0 release. Issues addressed include buffer over-read, buffer overflow, denial of service, out of bounds read, and spoofing vulnerabilities.; tags | advisory, denial of service, overflow, spoof, vulnerability; systems | linux, redhat; advisories | CVE-2017-16137, CVE-2017-16138, CVE-2018-1107, CVE-2018-1109, CVE-2018-16492, CVE-2018-21270, CVE-2018-3721, CVE-2018-3728, CVE-2018-3774, CVE-2019-1010266, CVE-2019-20920, CVE-2019-20922, CVE-2020-15366, CVE-2020-25648, CVE-2020-26237, CVE-2020-26291, CVE-2020-35653, CVE-2020-35654, CVE-2020-7608, CVE-2020-8203, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23364, CVE-2021-23368, CVE-2021-23382, CVE-2021-25289; SHA-256 | cd92891e50d6ccba7c7561d838bb19ca1093549c2001d772fd5a4bb9e4fc7fa0; Download | Favorite | View

Red Hat Security Advisory 2021-3903-01: Posted Oct 19, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3903-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.; tags | advisory, web, protocol; systems | linux, redhat; advisories | CVE-2021-22922, CVE-2021-22923; SHA-256 | 00af21cb671eb2ce5da0e1ebd1b860693b90b5e59ebec147073c9216254b6780; Download | Favorite | View

Red Hat Security Advisory 2021-3873-01: Posted Oct 15, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3873-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.9 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console — with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide bug fixes and security fixes. Issues addressed include bypass, denial of service, integer overflow, and out of bounds read vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-23434, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750, CVE-2021-41099; SHA-256 | b4c1512c3c02a0773b56b0befe34c43efa0dbab79ff54109600f1815b01d985e; Download | Favorite | View

Red Hat Security Advisory 2021-3851-01: Posted Oct 14, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3851-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with Container Images, for Red Hat 3scale API Management 2.11.0. Issues addressed include a cross site scripting vulnerability.; tags | advisory, xss; systems | linux, redhat; advisories | CVE-2020-8911, CVE-2020-8912, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-27218, CVE-2021-3442, CVE-2021-36222, CVE-2021-3653, CVE-2021-3715, CVE-2021-37750; SHA-256 | e4888f040246d49c7a7c2e4f31bece8b08efa09009b3ee41382c5876a9bfdbbc; Download | Favorite | View

Red Hat Security Advisory 2021-3694-01: Posted Sep 30, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3694-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.; tags | advisory, web, denial of service; systems | linux, redhat; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-36222, CVE-2021-3749, CVE-2021-37576, CVE-2021-37750, CVE-2021-38201; SHA-256 | b1ce9e701282280a5c2dbdfafd7782a607b33f330152c096fdc1e2b3c2debde0; Download | Favorite | View

Red Hat Security Advisory 2021-3653-01: Posted Sep 24, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3653-01 - Red Hat Advanced Cluster Management 2.1.11 security fix and container updates are available.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-27777, CVE-2021-22555, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750; SHA-256 | 15f863255ce01b9af4125b6f699165597020889114335a232c7f75076dc7e35c; Download | Favorite | View

Red Hat Security Advisory 2021-3582-01: Posted Sep 21, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3582-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.; tags | advisory, web, protocol; systems | linux, redhat; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22924; SHA-256 | 1b88eef1d3d06c1dad83790d43adf99ca662eeb37a7ac9c52c0eae714cc60f25; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 292 files
Ubuntu 62 files
Gentoo 32 files
Debian 31 files
LiquidWorm 10 files
Apple 9 files
malvuln 7 files
Ahmet Umit Bayram 4 files
nu11secur1ty 4 files
Adam Gowdiak 4 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,038)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,588)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,751)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,492)
UNIX (9,397)
UnixWare (187)
Windows (6,658)
Other

CVE-2021-22923

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems