{"id":"CVE-2021-22901","details":"curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it stores pointers to the transfer in-memory object for later retrieval when a session ticket arrives. If the connection is used by multiple transfers (like with a reused HTTP/1.1 connection or multiplexed HTTP/2 connection) that first transfer object might be freed before the new session is established on that connection and then the function will access a memory buffer that might be freed. When using that memory, libcurl might even call a function pointer in the object, making it possible for a remote code execution if the server could somehow manage to get crafted memory content into the correct place in memory.","aliases":["CURL-CVE-2021-22901"],"modified":"2026-04-02T06:48:12.325534Z","published":"2021-06-11T16:15:11.120Z","related":["openSUSE-SU-2024:10582-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210723-0001/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210727-0007/"},{"type":"ADVISORY","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf"},{"type":"REPORT","url":"https://hackerone.com/reports/1180380"},{"type":"FIX","url":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"type":"FIX","url":"https://curl.se/docs/CVE-2021-22901.html"},{"type":"FIX","url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"type":"FIX","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/curl/curl","events":[{"introduced":"2f33be817cbce6ad7a36f27dd7ada9219f13584c"},{"last_affected":"566b74a0e19b9aa610f4931e5bfd339bcf8e9147"},{"fixed":"7f4a9a9b2a49547eae24d2e19bc5c346e9026479"}],"database_specific":{"versions":[{"introduced":"7.75.0"},{"last_affected":"7.76.1"}]}},{"type":"GIT","repo":"https://github.com/mysql/mysql-server","events":[{"introduced":"0"},{"last_affected":"a9b0c712de3509d8d08d3ba385d41a4df6348775"},{"introduced":"270fd3411e3d671a73ed9725940a30080f59ce6d"},{"last_affected":"98b2ccb470de120d36bc4a623c814cdfded958ec"},{"introduced":"0"},{"last_affected":"61a3a1d8ef15512396b4c2af46e922a19bf2b174"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.7.34"},{"introduced":"8.0.0"},{"last_affected":"8.0.25"},{"introduced":"0"},{"last_affected":"9.1.0"}]}}],"versions":["curl-7_75_0","curl-7_76_0","curl-7_76_1","mysql-3.23.22-beta","mysql-3.23.24-beta","mysql-3.23.27-beta","mysql-3.23.28-gamma","mysql-3.23.29a-gamma","mysql-3.23.30-gamma","mysql-3.23.31","mysql-3.23.32","mysql-3.23.33","mysql-3.23.34","mysql-3.23.35","mysql-3.23.36","mysql-3.23.37","mysql-3.23.38","mysql-3.23.39","mysql-3.23.41","mysql-3.23.42","mysql-3.23.44","mysql-3.23.45","mysql-3.23.46","mysql-3.23.47","mysql-3.23.48","mysql-3.23.50","mysql-3.23.51","mysql-3.23.52","mysql-3.23.53","mysql-3.23.54","mysql-3.23.55","mysql-3.23.56","mysql-3.23.57","mysql-3.23.58","mysql-4.0.1","mysql-4.0.10","mysql-4.0.11","mysql-4.0.12","mysql-4.0.13","mysql-4.0.14","mysql-4.0.15","mysql-4.0.16","mysql-4.0.17","mysql-4.0.18","mysql-4.0.19","mysql-4.0.2","mysql-4.0.20","mysql-4.0.21","mysql-4.0.22","mysql-4.0.23","mysql-4.0.24","mysql-4.0.25","mysql-4.0.26","mysql-4.0.27","mysql-4.0.28","mysql-4.0.3","mysql-4.0.30","mysql-4.0.4","mysql-4.0.5","mysql-4.0.6","mysql-4.0.7","mysql-4.0.8","mysql-4.0.9","mysql-4.1.0","mysql-4.1.1","mysql-4.1.10","mysql-4.1.10a","mysql-4.1.10b","mysql-4.1.11","mysql-4.1.12","mysql-4.1.13","mysql-4.1.13a","mysql-4.1.14","mysql-4.1.15","mysql-4.1.16","mysql-4.1.18","mysql-4.1.19","mysql-4.1.2","mysql-4.1.20","mysql-4.1.21","mysql-4.1.22","mysql-4.1.23","mysql-4.1.24","mysql-4.1.3","mysql-4.1.4","mysql-4.1.5","mysql-4.1.6","mysql-4.1.7","mysql-4.1.8","mysql-4.1.9","mysql-5.0.0","mysql-5.0.1","mysql-5.0.10","mysql-5.0.10a","mysql-5.0.11","mysql-5.0.12","mysql-5.0.13","mysql-5.0.14","mysql-5.0.15","mysql-5.0.16","mysql-5.0.16a","mysql-5.0.17","mysql-5.0.17b","mysql-5.0.18","mysql-5.0.19","mysql-5.0.19a","mysql-5.0.2","mysql-5.0.2-alpha","mysql-5.0.20","mysql-5.0.20a","mysql-5.0.21","mysql-5.0.22","mysql-5.0.23","mysql-5.0.24","mysql-5.0.24a","mysql-5.0.25","mysql-5.0.26","mysql-5.0.27","mysql-5.0.28","mysql-5.0.3","mysql-5.0.30","mysql-5.0.32","mysql-5.0.33","mysql-5.0.34","mysql-5.0.36","mysql-5.0.37","mysql-5.0.38","mysql-5.0.4","mysql-5.0.40","mysql-5.0.41","mysql-5.0.42","mysql-5.0.44","mysql-5.0.45","mysql-5.0.46","mysql-5.0.48","mysql-5.0.5","mysql-5.0.50","mysql-5.0.51","mysql-5.0.51a","mysql-5.0.52","mysql-5.0.54","mysql-5.0.54a","mysql-5.0.56","mysql-5.0.58","mysql-5.0.6","mysql-5.0.60","mysql-5.0.60sp1","mysql-5.0.62","mysql-5.0.64","mysql-5.0.66","mysql-5.0.66a","mysql-5.0.66sp1","mysql-5.0.67","mysql-5.0.68","mysql-5.0.7","mysql-5.0.70","mysql-5.0.72","mysql-5.0.72sp1","mysql-5.0.74","mysql-5.0.74sp1","mysql-5.0.75","mysql-5.0.76","mysql-5.0.77","mysql-5.0.78","mysql-5.0.79","mysql-5.0.8","mysql-5.0.80","mysql-5.0.81","mysql-5.0.82","mysql-5.0.82sp1","mysql-5.0.83","mysql-5.0.84","mysql-5.0.84sp1","mysql-5.0.85","mysql-5.0.86","mysql-5.0.87","mysql-5.0.87sp1","mysql-5.0.88","mysql-5.0.9","mysql-5.0.90","mysql-5.0.91","mysql-5.0.92","mysql-5.0.93","mysql-5.0.94","mysql-5.0.95","mysql-5.0.96","mysql-5.1.11","mysql-5.1.12","mysql-5.1.13","mysql-5.1.14","mysql-5.1.14-ndb-6.1.0","mysql-5.1.15","mysql-5.1.15-ndb-6.1.1","mysql-5.1.15-ndb-6.1.10","mysql-5.1.15-ndb-6.1.11","mysql-5.1.15-ndb-6.1.12","mysql-5.1.15-ndb-6.1.13","mysql-5.1.15-ndb-6.1.14","mysql-5.1.15-ndb-6.1.15","mysql-5.1.15-ndb-6.1.16","mysql-5.1.15-ndb-6.1.19","mysql-5.1.15-ndb-6.1.2","mysql-5.1.15-ndb-6.1.20","mysql-5.1.15-ndb-6.1.21","mysql-5.1.15-ndb-6.1.22","mysql-5.1.15-ndb-6.1.23","mysql-5.1.15-ndb-6.1.3","mysql-5.1.15-ndb-6.1.5","mysql-5.1.15-ndb-6.1.6","mysql-5.1.15-ndb-6.1.7","mysql-5.1.15-ndb-6.1.8","mysql-5.1.15-ndb-6.1.9","mysql-5.1.16","mysql-5.1.16-ndb-6.2.0","mysql-5.1.17","mysql-5.1.18","mysql-5.1.18-ndb-6.2.1","mysql-5.1.18-ndb-6.2.2","mysql-5.1.19","mysql-5.1.19-ndb-6.2.3","mysql-5.1.19-ndb-6.2.4","mysql-5.1.19-ndb-6.3.0","mysql-5.1.19-ndb-6.3.1","mysql-5.1.20","mysql-5.1.20-beta","mysql-5.1.21","mysql-5.1.22","mysql-5.1.22-ndb-6.2.10","mysql-5.1.22-ndb-6.2.5-no-prod","mysql-5.1.22-ndb-6.2.5-no-prod-fix1","mysql-5.1.22-ndb-6.2.6","mysql-5.1.22-ndb-6.2.7","mysql-5.1.22-ndb-6.2.8","mysql-5.1.22-ndb-6.2.9","mysql-5.1.22-ndb-6.3.2-no-prod","mysql-5.1.22-ndb-6.3.3","mysql-5.1.22-ndb-6.3.4","mysql-5.1.22-ndb-6.3.5","mysql-5.1.22-ndb-6.3.6","mysql-5.1.22-ndb-6.3.7","mysql-5.1.23","mysql-5.1.23-ndb-6.2.11","mysql-5.1.23-ndb-6.2.12","mysql-5.1.23-ndb-6.2.13","mysql-5.1.23-ndb-6.2.14","mysql-5.1.23-ndb-6.2.15","mysql-5.1.23-ndb-6.3.10","mysql-5.1.23-ndb-6.3.11","mysql-5.1.23-ndb-6.3.12","mysql-5.1.23-ndb-6.3.7","mysql-5.1.23-ndb-6.3.8","mysql-5.1.23-ndb-6.3.9","mysql-5.1.24","mysql-5.1.24-ndb-6.3.13","mysql-5.1.24-ndb-6.3.14","mysql-5.1.24-ndb-6.3.15","mysql-5.1.24-ndb-6.3.16","mysql-5.1.25","mysql-5.1.26","mysql-5.1.27-ndb-6.3.17","mysql-5.1.28","mysql-5.1.28-ndb-6.2.16","mysql-5.1.28-ndb-6.3.18","mysql-5.1.29","mysql-5.1.29-ndb-6.3.19","mysql-5.1.3","mysql-5.1.30","mysql-5.1.30-ndb-6.3.20","mysql-5.1.30-ndb-6.4.0","mysql-5.1.31","mysql-5.1.31-ndb-6.3.21","mysql-5.1.31-ndb-6.3.22","mysql-5.1.31-ndb-6.4.1","mysql-5.1.31-ndb-6.4.2","mysql-5.1.31sp1","mysql-5.1.32","mysql-5.1.32-ndb-6.3.23","mysql-5.1.32-ndb-6.3.24","mysql-5.1.32-ndb-6.4.3","mysql-5.1.32-ndb-7.0.4","mysql-5.1.32-ndb-7.0.5","mysql-5.1.33","mysql-5.1.34","mysql-5.1.34-ndb-6.2.18","mysql-5.1.34-ndb-6.3.25","mysql-5.1.34-telco-7.0.6","mysql-5.1.34sp1","mysql-5.1.35","mysql-5.1.35-ndb-6.3.26","mysql-5.1.35-ndb-7.0.7","mysql-5.1.36","mysql-5.1.37","mysql-5.1.37-ndb-6.3.27","mysql-5.1.37-ndb-6.3.27a","mysql-5.1.37-ndb-7.0.8","mysql-5.1.37-ndb-7.0.8a","mysql-5.1.37sp1","mysql-5.1.38","mysql-5.1.39","mysql-5.1.39-ndb-6.3.28","mysql-5.1.39-ndb-6.3.28a","mysql-5.1.39-ndb-6.3.28b","mysql-5.1.39-ndb-6.3.29","mysql-5.1.39-ndb-6.3.30","mysql-5.1.39-ndb-7.0.10","mysql-5.1.39-ndb-7.0.9","mysql-5.1.39-ndb-7.0.9b","mysql-5.1.39-ndb-7.1.1","mysql-5.1.4","mysql-5.1.40","mysql-5.1.40sp1","mysql-5.1.41","mysql-5.1.41-ndb-6.3.31","mysql-5.1.41-ndb-6.3.31a","mysql-5.1.41-ndb-6.3.31b","mysql-5.1.41-ndb-6.3.32","mysql-5.1.41-ndb-7.0.11","mysql-5.1.41-ndb-7.0.11a","mysql-5.1.41-ndb-7.0.11b","mysql-5.1.41-ndb-7.0.12","mysql-5.1.41-ndb-7.0.12a","mysql-5.1.41-ndb-7.0.12b","mysql-5.1.41-ndb-7.0.13","mysql-5.1.41-ndb-7.1.1","mysql-5.1.41-ndb-7.1.2-beta","mysql-5.1.42","mysql-5.1.43","mysql-5.1.43sp1","mysql-5.1.44","mysql-5.1.44-ndb-6.3.33","mysql-5.1.44-ndb-6.3.34","mysql-5.1.44-ndb-7.0.14","mysql-5.1.44-ndb-7.0.15","mysql-5.1.44-ndb-7.0.15a","mysql-5.1.44-ndb-7.1.3","mysql-5.1.44-ndb-7.1.4","mysql-5.1.44-ndb-7.1.4a","mysql-5.1.45","mysql-5.1.46","mysql-5.1.46sp1","mysql-5.1.47","mysql-5.1.47-ndb-6.3.35","mysql-5.1.47-ndb-7.0.16","mysql-5.1.47-ndb-7.1.5","mysql-5.1.48","mysql-5.1.49","mysql-5.1.49sp1","mysql-5.1.5","mysql-5.1.5-for-windows","mysql-5.1.50","mysql-5.1.51","mysql-5.1.52","mysql-5.1.52sp1","mysql-5.1.53","mysql-5.1.54","mysql-5.1.55","mysql-5.1.56","mysql-5.1.57","mysql-5.1.58","mysql-5.1.59","mysql-5.1.6","mysql-5.1.60","mysql-5.1.61","mysql-5.1.62","mysql-5.1.63","mysql-5.1.65","mysql-5.1.66","mysql-5.1.67","mysql-5.1.68","mysql-5.1.69","mysql-5.1.69-retag","mysql-5.1.7","mysql-5.1.70","mysql-5.1.71","mysql-5.1.72","mysql-5.1.73","mysql-5.1.74","mysql-5.1.75","mysql-5.1.76","mysql-5.1.77","mysql-5.1.9","mysql-5.4.1","mysql-5.4.2","mysql-5.4.3","mysql-5.5.0","mysql-5.5.1-m2","mysql-5.5.10","mysql-5.5.11","mysql-5.5.12","mysql-5.5.13","mysql-5.5.14","mysql-5.5.15","mysql-5.5.16","mysql-5.5.17","mysql-5.5.18","mysql-5.5.19","mysql-5.5.2-m2","mysql-5.5.20","mysql-5.5.21","mysql-5.5.22","mysql-5.5.23","mysql-5.5.24","mysql-5.5.25","mysql-5.5.25a","mysql-5.5.27","mysql-5.5.27-ndb-7.2.8","mysql-5.5.28","mysql-5.5.29","mysql-5.5.3-m3","mysql-5.5.30","mysql-5.5.30-ndb-7.2.12","mysql-5.5.31","mysql-5.5.32","mysql-5.5.33","mysql-5.5.34","mysql-5.5.35","mysql-5.5.35-ndb-7.2.15-alu-10","mysql-5.5.35-ndb-7.2.15-alu-11","mysql-5.5.35-ndb-7.2.15-alu-9","mysql-5.5.36","mysql-5.5.37","mysql-5.5.38","mysql-5.5.39","mysql-5.5.40","mysql-5.5.41","mysql-5.5.42","mysql-5.5.43","mysql-5.5.44","mysql-5.5.45","mysql-5.5.46","mysql-5.5.47","mysql-5.5.48","mysql-5.5.49","mysql-5.5.5-m3","mysql-5.5.50","mysql-5.5.51","mysql-5.5.52","mysql-5.5.53","mysql-5.5.54","mysql-5.5.55","mysql-5.5.56","mysql-5.5.57","mysql-5.5.58","mysql-5.5.59","mysql-5.5.6-rc","mysql-5.5.60","mysql-5.5.61","mysql-5.5.62","mysql-5.5.63","mysql-5.5.7","mysql-5.5.8","mysql-5.5.9","mysql-5.6.10","mysql-5.6.11","mysql-5.6.12","mysql-5.6.13","mysql-5.6.14","mysql-5.6.15","mysql-5.6.16","mysql-5.6.17","mysql-5.6.19","mysql-5.6.2","mysql-5.6.20","mysql-5.6.21","mysql-5.6.22","mysql-5.6.23","mysql-5.6.24","mysql-5.6.25","mysql-5.6.26","mysql-5.6.27","mysql-5.6.28","mysql-5.6.29","mysql-5.6.3","mysql-5.6.30","mysql-5.6.31","mysql-5.6.32","mysql-5.6.33","mysql-5.6.34","mysql-5.6.35","mysql-5.6.36","mysql-5.6.37","mysql-5.6.38","mysql-5.6.39","mysql-5.6.4","mysql-5.6.40","mysql-5.6.41","mysql-5.6.42","mysql-5.6.43","mysql-5.6.44","mysql-5.6.45","mysql-5.6.46","mysql-5.6.47","mysql-5.6.48","mysql-5.6.49","mysql-5.6.5","mysql-5.6.50","mysql-5.6.51","mysql-5.6.6","mysql-5.6.7","mysql-5.6.8","mysql-5.6.9","mysql-5.7-22-ndb-7.6.6","mysql-5.7.1","mysql-5.7.10","mysql-5.7.10-2","mysql-5.7.11","mysql-5.7.12","mysql-5.7.13","mysql-5.7.14","mysql-5.7.15","mysql-5.7.16","mysql-5.7.17","mysql-5.7.18","mysql-5.7.19","mysql-5.7.2","mysql-5.7.20","mysql-5.7.21","mysql-5.7.22","mysql-5.7.23","mysql-5.7.24","mysql-5.7.25","mysql-5.7.26","mysql-5.7.27","mysql-5.7.28","mysql-5.7.29","mysql-5.7.3","mysql-5.7.3-GCS-0.0.1","mysql-5.7.30","mysql-5.7.31","mysql-5.7.32","mysql-5.7.33","mysql-5.7.34","mysql-5.7.4","mysql-5.7.5","mysql-5.7.5-GCS-0.1","mysql-5.7.6","mysql-5.7.6-GroupReplication-0.3.0","mysql-5.7.7","mysql-5.7.8","mysql-5.7.9","mysql-8.0.0","mysql-8.0.1","mysql-8.0.11","mysql-8.0.12","mysql-8.0.13","mysql-8.0.14","mysql-8.0.15","mysql-8.0.16","mysql-8.0.17","mysql-8.0.18","mysql-8.0.19","mysql-8.0.2","mysql-8.0.20","mysql-8.0.21","mysql-8.0.22","mysql-8.0.23","mysql-8.0.24","mysql-8.0.25","mysql-8.0.3","mysql-8.0.4","mysql-cluster-7.1.29","mysql-cluster-7.1.30","mysql-cluster-7.1.31","mysql-cluster-7.1.32","mysql-cluster-7.1.33","mysql-cluster-7.1.34","mysql-cluster-7.1.35","mysql-cluster-7.1.36","mysql-cluster-7.1.37","mysql-cluster-7.2.14","mysql-cluster-7.2.15","mysql-cluster-7.2.16","mysql-cluster-7.2.17","mysql-cluster-7.2.18","mysql-cluster-7.2.19","mysql-cluster-7.2.20","mysql-cluster-7.2.21","mysql-cluster-7.2.22","mysql-cluster-7.2.23","mysql-cluster-7.2.24","mysql-cluster-7.2.25","mysql-cluster-7.2.26","mysql-cluster-7.2.27","mysql-cluster-7.2.28","mysql-cluster-7.2.29","mysql-cluster-7.2.30","mysql-cluster-7.2.31","mysql-cluster-7.2.32","mysql-cluster-7.2.33","mysql-cluster-7.2.34","mysql-cluster-7.2.35","mysql-cluster-7.2.36","mysql-cluster-7.2.37","mysql-cluster-7.2.38","mysql-cluster-7.2.39","mysql-cluster-7.2.40","mysql-cluster-7.3","mysql-cluster-7.3.10","mysql-cluster-7.3.11","mysql-cluster-7.3.12","mysql-cluster-7.3.13","mysql-cluster-7.3.14","mysql-cluster-7.3.15","mysql-cluster-7.3.16","mysql-cluster-7.3.17","mysql-cluster-7.3.18","mysql-cluster-7.3.19","mysql-cluster-7.3.20","mysql-cluster-7.3.21","mysql-cluster-7.3.22","mysql-cluster-7.3.23","mysql-cluster-7.3.24","mysql-cluster-7.3.25","mysql-cluster-7.3.26","mysql-cluster-7.3.27","mysql-cluster-7.3.28","mysql-cluster-7.3.29","mysql-cluster-7.3.3","mysql-cluster-7.3.30","mysql-cluster-7.3.31","mysql-cluster-7.3.32","mysql-cluster-7.3.33","mysql-cluster-7.3.4","mysql-cluster-7.3.5","mysql-cluster-7.3.6","mysql-cluster-7.3.7","mysql-cluster-7.3.8","mysql-cluster-7.3.9","mysql-cluster-7.4.1","mysql-cluster-7.4.10","mysql-cluster-7.4.11","mysql-cluster-7.4.12","mysql-cluster-7.4.13","mysql-cluster-7.4.14","mysql-cluster-7.4.15","mysql-cluster-7.4.16","mysql-cluster-7.4.17","mysql-cluster-7.4.18","mysql-cluster-7.4.19","mysql-cluster-7.4.2","mysql-cluster-7.4.20","mysql-cluster-7.4.21","mysql-cluster-7.4.22","mysql-cluster-7.4.23","mysql-cluster-7.4.24","mysql-cluster-7.4.25","mysql-cluster-7.4.26","mysql-cluster-7.4.27","mysql-cluster-7.4.28","mysql-cluster-7.4.29","mysql-cluster-7.4.3","mysql-cluster-7.4.30","mysql-cluster-7.4.31","mysql-cluster-7.4.32","mysql-cluster-7.4.33","mysql-cluster-7.4.34","mysql-cluster-7.4.35","mysql-cluster-7.4.36","mysql-cluster-7.4.37","mysql-cluster-7.4.38","mysql-cluster-7.4.39","mysql-cluster-7.4.4","mysql-cluster-7.4.5","mysql-cluster-7.4.6","mysql-cluster-7.4.7","mysql-cluster-7.4.8","mysql-cluster-7.4.9","mysql-cluster-7.5.0","mysql-cluster-7.5.1","mysql-cluster-7.5.10","mysql-cluster-7.5.11","mysql-cluster-7.5.12","mysql-cluster-7.5.13","mysql-cluster-7.5.14","mysql-cluster-7.5.15","mysql-cluster-7.5.16","mysql-cluster-7.5.17","mysql-cluster-7.5.18","mysql-cluster-7.5.19","mysql-cluster-7.5.2","mysql-cluster-7.5.20","mysql-cluster-7.5.21","mysql-cluster-7.5.22","mysql-cluster-7.5.3","mysql-cluster-7.5.4","mysql-cluster-7.5.5","mysql-cluster-7.5.6","mysql-cluster-7.5.7","mysql-cluster-7.5.8","mysql-cluster-7.5.9","mysql-cluster-7.6.10","mysql-cluster-7.6.11","mysql-cluster-7.6.12","mysql-cluster-7.6.13","mysql-cluster-7.6.14","mysql-cluster-7.6.15","mysql-cluster-7.6.16","mysql-cluster-7.6.17","mysql-cluster-7.6.18","mysql-cluster-7.6.2","mysql-cluster-7.6.3","mysql-cluster-7.6.4","mysql-cluster-7.6.5","mysql-cluster-7.6.6","mysql-cluster-7.6.7","mysql-cluster-7.6.8","mysql-cluster-7.6.9","mysql-cluster-8.0.16","mysql-cluster-8.0.17","mysql-cluster-8.0.18","mysql-cluster-8.0.19","mysql-cluster-8.0.20","mysql-cluster-8.0.21","mysql-cluster-8.0.22","mysql-cluster-8.0.23","mysql-cluster-8.0.24","mysql-cluster-8.0.25"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.15.1"}]},{"events":[{"introduced":"0"},{"last_affected":"1.8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.15.0"}]},{"events":[{"introduced":"0"},{"fixed":"11.1.2.4.047"}]},{"events":[{"introduced":"21.0"},{"fixed":"21.3"}]},{"events":[{"introduced":"0"},{"fixed":"1.0.1.1"}]},{"events":[{"introduced":"8.2.0"},{"fixed":"8.2.12"}]},{"events":[{"introduced":"9.0.0"},{"fixed":"9.0.6"}]}],"vanir_signatures":[{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-112b40cc","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/gskit.c"},"digest":{"threshold":0.9,"line_hashes":["186219220524685466747730293319960369262","221885776772179948375588984335771599016","242092821167957799341998848306994961622"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-16afe490","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/wolfssl.c"},"digest":{"threshold":0.9,"line_hashes":["105711553773464346414647333756716138062","2904185772424648690614208022438633360","28943486962530006695741710418216306715"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-1a7f75ad","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/multi.c"},"digest":{"threshold":0.9,"line_hashes":["187473753366580240819143889369803023555","19947501796357691300854331411987220613","95654700292215788056874075044093236670","54945258926373500052511413367380796929","50910872226802818269537850369166031572","58240838674613881414058697592076492097","327008296953905714942243329393832476807","167690107269592290756581100018194607341","163502143684354781220170101016683290242"]},"signature_version":"v1"},{"signature_type":"Function","deprecated":false,"id":"CVE-2021-22901-1dc33ea9","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/multi.c","function":"Curl_detach_connnection"},"digest":{"function_hash":"282527232010509207256326083520762769034","length":159},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-29a281cb","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/mesalink.c"},"digest":{"threshold":0.9,"line_hashes":["186219220524685466747730293319960369262","221885776772179948375588984335771599016","118420185482035953781785408918051443343"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-5ed26d1d","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/openssl.c"},"digest":{"threshold":0.9,"line_hashes":["73271168870267222109289255326453829008","73827907696276383707622611301589291798","211530242407209078484329373388314723108","188779164379214942689248499697233465740","85386975455582097309536242192917050731","245081344340155641301320834143844850881","62153286337341876067281988598850343391","121669162297169078699046718566740458729","215298610020151475422509359025881665450","160496096879707273982560064615393928037","262253162330575483615990927020006884742","207030032140940270196392569482197400507","52196972406707744499516007337590729723","310848303797566296324889670751101086331","222593396967390567450172725704753887575","235691541654497677847954641653469180817","58633988980821724765059247018395199889","25447831337023957638041419169130371823","147075429205132582405216565002123595763","159239750700783782352173299703698057266","3437427716754797935132463652839023737","127087658280103561645782008847134409151","75199286429243154010508244248962936561","244921248497977065595362047332805878839","335526394393619798921303958949091926921","142148865309299820369778016046747186849","36343027810611685258758416187132301997","145703898883617860025281749174947940817","49821058802725643425531673427781409057","49678742140860501719462917258286975569","63202482301952805327802201198622534649","293181921711569263243064672048373818969","133900923489114446296021898851185466508","36777361632708934694797056998674843243","11177419630060475881010668020085817087","303422892470415582204293820830754579527","286083972253237306490318597426997081139","261079382685828178432555473902036016734","279260391187534534676049212163993726371","329627646565725648632430807782727645922","79194766196837938283253745097174225478","5571743488213546801408132267818404860","130049941606887403578626904489921224945","178097734931733945871273233063040427391","216425396822114078519857436547106591880","285542075915533030311331310894582100597","181108455092571060169513480302647763308","201208934546635710539200215230233609237","13409051224758349761312328379615738889","299473193568500530537773344539589740788","152017765307026313653490870096797999253"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-b01c82f2","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/gtls.c"},"digest":{"threshold":0.9,"line_hashes":["117254624900286043914446684036232897839","278148543623425240728153472164075251212","313428367765666149420051287200382297935"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-b75e8d96","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/mbedtls.c"},"digest":{"threshold":0.9,"line_hashes":["155031123524163536542363547886908076616","241564592740147399037087761500264710056","224236323127553732321566263121395653926"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-b76d75f7","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/vtls.h"},"digest":{"threshold":0.9,"line_hashes":["17479791198913112085959967000244748158","122978703432319367585527440563987283441","108255278866082812394702543602527323182","63147417521427190620024285144529305281","281873735472492112698195639167232268211","274123850254446799268534801426234867900","83722995015177457113170279222513998005"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-bee48009","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/sectransp.c"},"digest":{"threshold":0.9,"line_hashes":["93612680191468065498685381231912631392","172816224077672263565079124615633457341","316884559720800204945935234868905210031","293326983079720454113692492174647385498"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-c3256b70","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/vtls.c"},"digest":{"threshold":0.9,"line_hashes":["220881515393441035084801830498670033932","174542894043304738129105816634116784620","783098884639603181500321915206659113","186219220524685466747730293319960369262","221885776772179948375588984335771599016","72703555703531540869677605507512220101","227890448358690435620343229236177822739"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-c729b6cb","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/nss.c"},"digest":{"threshold":0.9,"line_hashes":["89438604099976147155922991379116780231","152200389674360309942177538872971541530","36458605533992043066698451277391902613"]},"signature_version":"v1"},{"signature_type":"Function","deprecated":false,"id":"CVE-2021-22901-deb6cd76","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/openssl.c","function":"ossl_connect_step1"},"digest":{"function_hash":"308421803234990224094444390237334411602","length":14664},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-e0ea5594","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/schannel.c"},"digest":{"threshold":0.9,"line_hashes":["222480428048420087676105947998287034698","1791862209004315891931085883200233347","335032092301468568357198521291765970795","163498262204948760416787486037998488372","86790545262539225571869431646476558833","102446219944222485332424481391822647475","301150589919494327216392615030845277105"]},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CVE-2021-22901-e28697f3","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/vtls/rustls.c"},"digest":{"threshold":0.9,"line_hashes":["186219220524685466747730293319960369262","221885776772179948375588984335771599016","331942912995982428602909187462272364537"]},"signature_version":"v1"},{"signature_type":"Function","deprecated":false,"id":"CVE-2021-22901-f263bc98","source":"https://github.com/curl/curl/commit/7f4a9a9b2a49547eae24d2e19bc5c346e9026479","target":{"file":"lib/multi.c","function":"Curl_attach_connnection"},"digest":{"function_hash":"276203671696876119948010549383366377839","length":299},"signature_version":"v1"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22901.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}