9.1

CVE-2021-22945

Exploit

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.

Data is provided by the National Vulnerability Database (NVD)
HaxxLibcurl Version >= 7.73.0 <= 7.78.0
FedoraprojectFedora Version33
FedoraprojectFedora Version35
NetappCloud Backup Version-
OracleMysql Server Version >= 5.7.0 <= 5.7.35
OracleMysql Server Version >= 8.0.0 <= 8.0.26
NetappH300s Firmware Version-
   NetappH300s Version-
NetappH500s Firmware Version-
   NetappH500s Version-
NetappH700s Firmware Version-
   NetappH700s Version-
NetappH300e Firmware Version-
   NetappH300e Version-
NetappH500e Firmware Version-
   NetappH500e Version-
NetappH700e Firmware Version-
   NetappH700e Version-
NetappH410s Firmware Version-
   NetappH410s Version-
ApplemacOS Version >= 12.0.0 < 12.3
SiemensSinec Ins Version < 1.0.1.1
DebianDebian Linux Version11.0
SplunkUniversal Forwarder Version >= 8.2.0 < 8.2.12
SplunkUniversal Forwarder Version >= 9.0.0 < 9.0.6
SplunkUniversal Forwarder Version9.1.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.35% 0.571
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.1 3.9 5.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:N/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.1 3.9 5.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CWE-415 Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

http://seclists.org/fulldisclosure/2022/Mar/29
Third Party Advisory
Mailing List
https://hackerone.com/reports/1269242
Patch
Third Party Advisory
Exploit