FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cURL -- Multiple vulnerabilities

Affected packages
7.20.0	<=	curl	<	7.79.0

Details

VuXML ID	c9221ec9-17a2-11ec-b335-d4c9ef517024
Discovery	2021-09-15
Entry	2021-09-17
Modified	2021-09-28

The cURL project reports:

UAF and double-free in MQTT sending (CVE-2021-22945)

Protocol downgrade required TLS bypassed (CVE-2021-22946)

STARTTLS protocol injection via MITM (CVE-2021-22945)

[source]

References

CVE Name	CVE-2021-22945
CVE Name	CVE-2021-22946
CVE Name	CVE-2021-22947
URL	https://curl.se/docs/security.html