CVE-2021-22925

CVE-2021-22925

Vendor N/A
Product https://github.com/curl/curl
Weakness CWE-200 · Info exposure
Published August 5, 2021
Last update April 16, 2026

CVSS base score

What the vulnerability does

01Description

curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.

Key dates

02Disclosure timeline

August 5, 2021 CVE published
April 16, 2026 Record updated