Showing 1 - 14 of 14

CVE-2021-22922

Status Candidate

Overview

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.

Related Files

Gentoo Linux Security Advisory 202212-01: Posted Dec 19, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202212-1 - Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution. Versions less than 7.86.0 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22925, CVE-2021-22926, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781; SHA-256 | e297fe6f1bca3eb09660ab5922cdfac1c9a3279734e9e89e74cc758a3e08ac46; Download | Favorite | View

Red Hat Security Advisory 2021-4725-03: Posted Nov 18, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4725-03 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 2.6.8 images.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-25648, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-29923, CVE-2021-34558, CVE-2021-36222, CVE-2021-3653, CVE-2021-3733, CVE-2021-37750; SHA-256 | 00aec26b5e44879b921222ad5caa4a2a5bb4ed97adfe718c6cc6619b1e9c65c6; Download | Favorite | View

Red Hat Security Advisory 2021-4618-01: Posted Nov 12, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4618-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, out of bounds read, and path sanitization vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2020-36385, CVE-2021-0512, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22946, CVE-2021-22947, CVE-2021-23017, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32690, CVE-2021-32803, CVE-2021-32804, CVE-2021-33623, CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-36222, CVE-2021-3656, CVE-2021-3711, CVE-2021-3712, CVE-2021-3733; SHA-256 | 14809d9261f291a519a153713fcca44c926124a2a48c8d989887911783dba47f; Download | Favorite | View

Red Hat Security Advisory 2021-4582-02: Posted Nov 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4582-02 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring. Security fixes: golang: crypto/tls: certificate of wrong type is causing TLS client to panic.; tags | advisory, remote, cryptography; systems | linux, redhat; advisories | CVE-2019-3842, CVE-2020-13776, CVE-2021-22922, CVE-2021-22923, CVE-2021-34558, CVE-2021-3620; SHA-256 | f28cc76ddb412145654050664da26602d7c4d62da2e36475367e140177eb756a; Download | Favorite | View

Red Hat Security Advisory 2021-4104-01: Posted Nov 3, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4104-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-25648, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-3121, CVE-2021-31525, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750; SHA-256 | a0f4016bf01db767d10a8aa69fb754c9e874b8c8f685fdd273d310c8660ce13c; Download | Favorite | View

Red Hat Security Advisory 2021-3949-01: Posted Oct 21, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3949-01 - Red Hat Advanced Cluster Management for Kubernetes 2.1.12 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains updates to one or more container images for Red Hat Advanced Cluster Management for Kubernetes. Issues addressed include denial of service, integer overflow, and out of bounds read vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2016-4658, CVE-2021-22543, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23840, CVE-2021-23841, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-36222, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576, CVE-2021-37750, CVE-2021-41099; SHA-256 | da3bb0a2f0aedf1b55d5f8cbbece5dc6749623ae797a40f9e1cf9bf6796ee1a4; Download | Favorite | View

Red Hat Security Advisory 2021-3925-01: Posted Oct 20, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3925-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and provide security updates. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds read vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2016-4658, CVE-2020-25648, CVE-2021-21670, CVE-2021-21671, CVE-2021-22543, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-23840, CVE-2021-23841, CVE-2021-25741, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32690, CVE-2021-36222, CVE-2021-3653, CVE-2021-3656, CVE-2021-37576, CVE-2021-37750, CVE-2021-41099; SHA-256 | fd1035fefbb8b3d06fa3e4a659771a25d330eb9fd90f1ff55f4f16a1d0ab3d2c; Download | Favorite | View

Red Hat Security Advisory 2021-3917-01: Posted Oct 19, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3917-01 - Quay 3.6.0 release. Issues addressed include buffer over-read, buffer overflow, denial of service, out of bounds read, and spoofing vulnerabilities.; tags | advisory, denial of service, overflow, spoof, vulnerability; systems | linux, redhat; advisories | CVE-2017-16137, CVE-2017-16138, CVE-2018-1107, CVE-2018-1109, CVE-2018-16492, CVE-2018-21270, CVE-2018-3721, CVE-2018-3728, CVE-2018-3774, CVE-2019-1010266, CVE-2019-20920, CVE-2019-20922, CVE-2020-15366, CVE-2020-25648, CVE-2020-26237, CVE-2020-26291, CVE-2020-35653, CVE-2020-35654, CVE-2020-7608, CVE-2020-8203, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23364, CVE-2021-23368, CVE-2021-23382, CVE-2021-25289; SHA-256 | cd92891e50d6ccba7c7561d838bb19ca1093549c2001d772fd5a4bb9e4fc7fa0; Download | Favorite | View

Red Hat Security Advisory 2021-3903-01: Posted Oct 19, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3903-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.; tags | advisory, web, protocol; systems | linux, redhat; advisories | CVE-2021-22922, CVE-2021-22923; SHA-256 | 00af21cb671eb2ce5da0e1ebd1b860693b90b5e59ebec147073c9216254b6780; Download | Favorite | View

Red Hat Security Advisory 2021-3873-01: Posted Oct 15, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3873-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.9 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console — with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide bug fixes and security fixes. Issues addressed include bypass, denial of service, integer overflow, and out of bounds read vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-23434, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750, CVE-2021-41099; SHA-256 | b4c1512c3c02a0773b56b0befe34c43efa0dbab79ff54109600f1815b01d985e; Download | Favorite | View

Red Hat Security Advisory 2021-3851-01: Posted Oct 14, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3851-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with Container Images, for Red Hat 3scale API Management 2.11.0. Issues addressed include a cross site scripting vulnerability.; tags | advisory, xss; systems | linux, redhat; advisories | CVE-2020-8911, CVE-2020-8912, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-27218, CVE-2021-3442, CVE-2021-36222, CVE-2021-3653, CVE-2021-3715, CVE-2021-37750; SHA-256 | e4888f040246d49c7a7c2e4f31bece8b08efa09009b3ee41382c5876a9bfdbbc; Download | Favorite | View

Red Hat Security Advisory 2021-3694-01: Posted Sep 30, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3694-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.; tags | advisory, web, denial of service; systems | linux, redhat; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-36222, CVE-2021-3749, CVE-2021-37576, CVE-2021-37750, CVE-2021-38201; SHA-256 | b1ce9e701282280a5c2dbdfafd7782a607b33f330152c096fdc1e2b3c2debde0; Download | Favorite | View

Red Hat Security Advisory 2021-3653-01: Posted Sep 24, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3653-01 - Red Hat Advanced Cluster Management 2.1.11 security fix and container updates are available.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-27777, CVE-2021-22555, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750; SHA-256 | 15f863255ce01b9af4125b6f699165597020889114335a232c7f75076dc7e35c; Download | Favorite | View

Red Hat Security Advisory 2021-3582-01: Posted Sep 21, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3582-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.; tags | advisory, web, protocol; systems | linux, redhat; advisories | CVE-2021-22922, CVE-2021-22923, CVE-2021-22924; SHA-256 | 1b88eef1d3d06c1dad83790d43adf99ca662eeb37a7ac9c52c0eae714cc60f25; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2021-22922

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems