CVE-2021-22926: 
MySQL vulnerability analysis and mitigation

CVE-2021-22926 is a vulnerability in libcurl that affects applications using the macOS native TLS library Secure Transport. The vulnerability was discovered in 2021 and affects libcurl versions from 7.33.0 up to (excluding) 7.78.0. When libcurl-using applications request a specific client certificate using the CURLOPT_SSLCERT option (or --cert with command line tool), the application can specify the certificate by name or filename (NVD).

The vulnerability occurs when an application runs with a current working directory that is writable by other users (like /tmp). A malicious user can create a file with the same name as the certificate name the application intends to use, tricking the application into using the file-based certificate instead of the one referred to by name. This results in libcurl sending the wrong client certificate in the TLS connection handshake. The vulnerability has been assigned a CVSS v3.1 Base Score of 7.5 HIGH with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NVD).

A successful exploitation of this vulnerability can lead to sending incorrect client certificates during TLS handshakes, potentially causing authentication failures or unauthorized access. The vulnerability primarily affects availability, with no direct impact on confidentiality or integrity (NetApp Advisory).

The vulnerability has been fixed in libcurl version 7.78.0 and later. Organizations using affected versions should upgrade to a patched version. Multiple vendors have released patches for their products incorporating libcurl, including Oracle in their Critical Patch Updates (Oracle CPU), NetApp (NetApp Advisory), and Gentoo Linux (Gentoo Advisory).