CVE-2021-22925: 
MySQL vulnerability analysis and mitigation

CVE-2021-22925 affects curl versions 7.7 through 7.77.0. The vulnerability exists in the TELNET option parser for sending NEW_ENV variables, where libcurl could potentially reveal sensitive internal information to the server using a clear-text network protocol. This vulnerability was discovered and reported by Red Hat Product Security and is a result of an incomplete fix for CVE-2021-22898 (Curl Website).

The vulnerability occurs due to a flaw in the option parser for sending NEW_ENV variables, where libcurl could be made to pass on uninitialized data from a stack-based buffer to the server. This happened because curl did not call and use sscanf() correctly when parsing the string provided by the application. The vulnerability affects the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl, which is used to send variable=content pairs to TELNET servers (Curl Website).

When successfully exploited, this vulnerability could lead to the disclosure of sensitive internal information to the server using a clear-text network protocol. The vulnerability has a CVSS Base Score of 5.3 MEDIUM (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) (NetApp Advisory).

The vulnerability has been fixed in curl version 7.78.0. Organizations should upgrade to this version or later to address the vulnerability. The fix involves using sscanf() properly and only using properly filled-in buffers (Curl Website).