CURL-CVE-2021-22945

See a problem?
Please try reporting it to the source first.
Source
https://curl.se/docs/CVE-2021-22945.html
Import Source
https://curl.se/docs/CURL-CVE-2021-22945.json
JSON Data
https://api.test.osv.dev/v1/vulns/CURL-CVE-2021-22945
Aliases
Published
2021-09-15T08:00:00Z
Modified
2025-05-15T17:48:29Z
Summary
UAF and double free in MQTT sending
Details

When sending data to an MQTT server, libcurl could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again.

Database specific 
{
    "package": "curl",
    "award": {
        "currency": "USD",
        "amount": "1000"
    },
    "www": "https://curl.se/docs/CVE-2021-22945.html",
    "issue": "https://hackerone.com/reports/1269242",
    "last_affected": "7.78.0",
    "URL": "https://curl.se/docs/CVE-2021-22945.json",
    "severity": "Medium",
    "CWE": {
        "id": "CWE-415",
        "desc": "Double Free"
    },
    "affects": "both"
}
References
Credits
    • z2_ - FINDER
    • z2_ - REMEDIATION_DEVELOPER

Affected packages

Git / github.com/curl/curl.git

Affected ranges

Type
SEMVER
Events
Introduced
7.73.0
Fixed
7.79.0
Type
GIT
Repo
https://github.com/curl/curl.git
Events
Introduced
2522903b792ac5a802f780df60dc4647c58e2477
Fixed
43157490a5054bd24256fe12876931e8abc9df49

Affected versions

7.*

7.73.0
7.74.0
7.75.0
7.76.0
7.76.1
7.77.0
7.78.0