CVE-2021-22924

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn't include the 'issuer cert' which a transfer can set to qualify how to verify the server certificate.

Published: 2021-08-05 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2021-22924 is rated High Exploit Risk (67.2/100): CVSS Low severity, with high exploitation likelihood (EPSS 6.27%, 93rd percentile). Core evidence: 1 public exploit reference is indexed (Exploit-DB). EPSS rose +5.71% over the last day, indicating growing attacker interest. Mandatory action: Public exploits are available; assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2021-22924

EDB-ID Source Kind Published Link
nvd_ref exploit_tag Exploit-DB

Exploit prediction scoring system (EPSS) score for CVE-2021-22924

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.56% 6.27% +5.71%
2 2026-06-03 0.75% 0.56% -0.19%
3 2026-03-04 0.75%

Full EPSS history (64 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2021-22924

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
3.7 3.1 LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:H)
Even with access, the exploit needs extra luck, timing, or a fussy environment to actually work.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:L)
Some sensitive info could get out, but not a total data dump.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:N)
Service keeps running; no real outage angle.
2.2 1.4 [email protected]
3.7 3.1 LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N (same vector and metric breakdown as the row above)
2.2 1.4 134c704f-9b21-4f2e-91b3-4a467353bcc0
4.3 2.0 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (Au:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:N)
No availability impact.
8.6 2.9 [email protected]

Weakness enumeration for CVE-2021-22924

OS Trackers for CVE-2021-22924

vendor priority summary link
alpine CVE-2021-22924: 1 source package (curl); 8 state rows across 8 repos (3.12-main, 3.17-main, 3.18-main, 3.19-main, 3.20-main, 3.21-main, 3.22-main, edge-main); fixed 8, open 0. https://security.alpinelinux.org/vuln/CVE-2021-22924
debian not yet assigned CVE-2021-22924, priority not yet assigned: Debian, 1 source package (curl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2021-22924
redhat medium https://access.redhat.com/security/cve/CVE-2021-22924
suse medium CVE-2021-22924 severity moderate: SUSE, 417 source package names (0.1.0:libcurl4-7.60.0-3.47.1, 0.1.75:libcurl4-7.60.0-3.47.1, …), 670 product×package rows across 213 product lines (Container bci/bci-init, Container bci/dotnet-aspnet, …): Fixed 530, Known Affected 136, Known Not Affected 4. https://www.suse.com/security/cve/CVE-2021-22924/
ubuntu medium CVE-2021-22924 medium priority: Ubuntu, 1 source package (curl), 11 status rows across 11 suites (bionic, focal, groovy, hirsute, impish, jammy, kinetic, lunar, trusty, upstream, xenial): released 8, ignored 3. https://ubuntu.com/security/CVE-2021-22924

Affected software / configurations for CVE-2021-22924

Vendor Product Version Raw CPE
haxx libcurl >= 7.10.4, < 7.77.0 cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*
fedoraproject fedora 33 cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
debian debian_linux 9.0 cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
debian debian_linux 10.0 cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
debian debian_linux 11.0 cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
netapp cloud_backup cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
netapp clustered_data_ontap cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
netapp solidfire_&_hci_management_node cpe:2.3:a:netapp:solidfire_&_hci_management_node:-:*:*:*:*:*:*:*
netapp solidfire_baseboard_management_controller_firmware cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*
oracle mysql_server >= 5.7.0, <= 5.7.36 cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*
oracle mysql_server >= 8.0.0, <= 8.0.26 cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.57 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.58 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.59 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
siemens sinec_infrastructure_network_services < 1.0.1.1 cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
siemens sinema_remote_connect_server < 3.1 cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*
siemens logo!_cmr2040_firmware cpe:2.3:o:siemens:logo!_cmr2040_firmware:*:*:*:*:*:*:*:*
siemens logo!_cmr2020_firmware cpe:2.3:o:siemens:logo!_cmr2020_firmware:*:*:*:*:*:*:*:*
siemens ruggedcomrm_1224_lte_firmware < 7.1 cpe:2.3:o:siemens:ruggedcomrm_1224_lte_firmware:*:*:*:*:*:*:*:*
siemens scalance_m804pb_firmware < 7.1 cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*
siemens scalance_m812-1_firmware < 7.1 cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*
siemens scalance_m816-1_firmware < 7.1 cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*
siemens scalance_m826-2_firmware < 7.1 cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*
siemens scalance_m874-2_firmware < 7.1 cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*
siemens scalance_m874-3_firmware < 7.1 cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*
siemens scalance_m876-3_firmware < 7.1 cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*
siemens scalance_m876-4_firmware < 7.1 cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*
siemens scalance_mum856-1_firmware < 7.1 cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*
siemens scalance_s615_firmware < 7.1 cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
siemens simatic_cp_1543-1_firmware < 3.0.22 cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*
siemens simatic_cp_1545-1_firmware < 1.1 cpe:2.3:o:siemens:simatic_cp_1545-1_firmware:*:*:*:*:*:*:*:*
siemens simatic_rtu3010c_firmware < 5.0.14 cpe:2.3:o:siemens:simatic_rtu3010c_firmware:*:*:*:*:*:*:*:*
siemens simatic_rtu3030c_firmware < 5.0.14 cpe:2.3:o:siemens:simatic_rtu3030c_firmware:*:*:*:*:*:*:*:*
siemens simatic_rtu3031c_firmware < 5.0.14 cpe:2.3:o:siemens:simatic_rtu3031c_firmware:*:*:*:*:*:*:*:*
siemens simatic_rtu_3041c_firmware < 5.0.14 cpe:2.3:o:siemens:simatic_rtu_3041c_firmware:*:*:*:*:*:*:*:*
siemens sinema_remote_connect < 3.1 cpe:2.3:a:siemens:sinema_remote_connect:*:*:*:*:*:*:*:*
siemens siplus_net_cp_1543-1_firmware < 3.0.22 cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*
splunk universal_forwarder >= 8.2.0, < 8.2.12 cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
splunk universal_forwarder >= 9.0.0, < 9.0.6 cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*
splunk universal_forwarder 9.1.0 cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*

References for CVE-2021-22924

URL Tags
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf Third Party Advisory
https://hackerone.com/reports/1223565 Exploit Issue Tracking Patch Third Party Advisory
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/ Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20210902-0003/ Third Party Advisory
https://www.debian.org/security/2022/dsa-5197 Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html Patch Third Party Advisory