Ubuntu Security Update USN-4898-1: curl vulnerabilities

Thread starter LinuxBot
Start date Mar 31, 2021

LinuxBot

Member

Mar 31, 2021

#1

Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-22876) Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-22890)

Continue reading...

You must log in or register to reply here.

Similar threads

Ubuntu Security Update USN-8227-1: curl vulnerabilities

Replies: 0

Views: 125

May 4, 2026

LinuxBot

Ubuntu Security Update USN-8062-1: curl vulnerabilities

Replies: 0

Views: 216

Feb 25, 2026

LinuxBot

Ubuntu Security Update USN-8062-2: curl vulnerabilities

Replies: 0

Views: 204

Mar 3, 2026

LinuxBot

Ubuntu Security Update USN-8084-1: curl vulnerabilities

Replies: 0

Views: 231

Mar 11, 2026

LinuxBot

Ubuntu Security Update USN-8099-1: curl vulnerabilities

Replies: 0

Views: 120

Mar 17, 2026

LinuxBot

Share:

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

Follow Linux.org

Linux.org YouTube Channel

Members online

Total: 4,203 (members: 3, guests: 4,200)

Latest posts

Fresh Installation of MX Linux ver 25 XFCE
- Latest: Perpetual Padawan
- 58 minutes ago
Getting Started
T
What are Your Takes On "GNU Purism"
- Latest: Thunderpants
- Today at 12:35 AM
General Computing
Cannot install any Linux
- Latest: Rocketing-warp9
- Today at 12:01 AM
Getting Started
Update Chrome ASAP to Protect Yourself From This Active ExploitIf you use Chrome, you're vulnerable until you install this update. Jun 11, 2026
- Latest: Condobloke
- Yesterday at 11:10 PM
Linux Security
J
Ubuntu 26.04 Dock crashes
- Latest: Jens55
- Yesterday at 10:09 PM
Ubuntu forum

Top