http://seclists.org/fulldisclosure/2021/Apr/51

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

https://curl.se/docs/CVE-2020-8285.html

https://github.com/curl/curl/issues/6255

https://hackerone.com/reports/1045844

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/

https://security.gentoo.org/glsa/202012-14

https://security.netapp.com/advisory/ntap-20210122-0007/

https://support.apple.com/kb/HT212325

https://support.apple.com/kb/HT212326

https://support.apple.com/kb/HT212327

https://www.debian.org/security/2021/dsa-4881

https://www.oracle.com//security-alerts/cpujul2021.html

https://www.oracle.com/security-alerts/cpuApr2021.html

https://www.oracle.com/security-alerts/cpuapr2022.html

https://www.oracle.com/security-alerts/cpujan2022.html

OR
     *cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* versions from (including) 8.2.0 up to (excluding) 8.2.12
     *cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* versions from (including) 9.0.0 up to (excluding) 9.0.6
     *cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E No Types Assigned

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E Mailing List, Third Party Advisory

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E No Types Assigned

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ No Types Assigned

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ No Types Assigned

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ Mailing List, Third Party Advisory

HackerOne https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E [No types assigned]

HackerOne https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E [No types assigned]

HackerOne https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ [No types assigned]

HackerOne https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ [No types assigned]

HackerOne https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E

HackerOne https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E

HackerOne https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/

HackerOne https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/

OR
     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.1.1

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf Third Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf Patch, Third Party Advisory

https://www.oracle.com/security-alerts/cpuapr2022.html No Types Assigned

https://www.oracle.com/security-alerts/cpuapr2022.html Patch, Third Party Advisory

https://www.oracle.com/security-alerts/cpuapr2022.html [No Types Assigned]

AND
     OR
          *cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2410
     OR
          cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3110
     OR
          cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2410
     OR
          cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3110
     OR
          cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2410
     OR
          cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3110
     OR
          cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2410
     OR
          cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3110
     OR
          cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2410
     OR
          cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3110
     OR
          cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp2410
     OR
          cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:* versions up to (excluding) xcp3110
     OR
          cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*
     *cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf No Types Assigned

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf Third Party Advisory

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E No Types Assigned

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E Mailing List, Third Party Advisory

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E No Types Assigned

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E Mailing List, Third Party Advisory

https://www.oracle.com//security-alerts/cpujul2021.html No Types Assigned

https://www.oracle.com//security-alerts/cpujul2021.html Patch, Third Party Advisory

https://www.oracle.com/security-alerts/cpuApr2021.html No Types Assigned

https://www.oracle.com/security-alerts/cpuApr2021.html Patch, Third Party Advisory

https://www.oracle.com/security-alerts/cpujan2022.html No Types Assigned

https://www.oracle.com/security-alerts/cpujan2022.html Patch, Third Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf [No Types Assigned]

https://www.oracle.com/security-alerts/cpujan2022.html [No Types Assigned]

https://www.oracle.com//security-alerts/cpujul2021.html [No Types Assigned]

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E [No Types Assigned]

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E [No Types Assigned]

https://www.oracle.com/security-alerts/cpuApr2021.html [No Types Assigned]

http://seclists.org/fulldisclosure/2021/Apr/51 No Types Assigned

http://seclists.org/fulldisclosure/2021/Apr/51 Mailing List, Third Party Advisory

http://seclists.org/fulldisclosure/2021/Apr/51 [No Types Assigned]

OR
     *cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:* versions from (including) 7.21.0 up to (including) 7.73.0

OR
     *cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:* versions from (including) 7.21.0 up to (excluding) 7.74.0

OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:o:netapp:hci_storage_node_firmware:-:*:*:*:*:*:*:*
     OR
          cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
     *cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (excluding) 10.14.6
     *cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*
     *cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_202

https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html Third Party Advisory

https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ Mailing List, Third Party Advisory

https://security.gentoo.org/glsa/202012-14 No Types Assigned

https://security.gentoo.org/glsa/202012-14 Third Party Advisory

https://security.netapp.com/advisory/ntap-20210122-0007/ No Types Assigned

https://security.netapp.com/advisory/ntap-20210122-0007/ Third Party Advisory

https://support.apple.com/kb/HT212325 No Types Assigned

https://support.apple.com/kb/HT212325 Third Party Advisory

https://support.apple.com/kb/HT212326 No Types Assigned

https://support.apple.com/kb/HT212326 Third Party Advisory

https://support.apple.com/kb/HT212327 No Types Assigned

https://support.apple.com/kb/HT212327 Third Party Advisory

https://www.debian.org/security/2021/dsa-4881 No Types Assigned

https://www.debian.org/security/2021/dsa-4881 Third Party Advisory

https://support.apple.com/kb/HT212325 [No Types Assigned]

https://support.apple.com/kb/HT212326 [No Types Assigned]

https://support.apple.com/kb/HT212327 [No Types Assigned]

https://www.debian.org/security/2021/dsa-4881 [No Types Assigned]

https://security.netapp.com/advisory/ntap-20210122-0007/ [No Types Assigned]

https://security.gentoo.org/glsa/202012-14 [No Types Assigned]

OR
     *cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* versions from (including) 7.21.0 up to (including) 7.73.0

OR
     *cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:* versions from (including) 7.21.0 up to (including) 7.73.0

OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
     *cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

https://github.com/curl/curl/issues/6255 Third Party Advisory

https://github.com/curl/curl/issues/6255 Exploit, Third Party Advisory

https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html No Types Assigned

https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ No Types Assigned

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ No Types Assigned

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ [No Types Assigned]

https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html [No Types Assigned]

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ [No Types Assigned]

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

NIST (AV:N/AC:L/Au:N/C:N/I:N/A:P)

NIST CWE-674

NIST CWE-787

OR
     *cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* versions from (including) 7.21.0 up to (including) 7.73.0

https://curl.se/docs/CVE-2020-8285.html No Types Assigned

https://curl.se/docs/CVE-2020-8285.html Vendor Advisory

https://github.com/curl/curl/issues/6255 No Types Assigned

https://github.com/curl/curl/issues/6255 Third Party Advisory

https://hackerone.com/reports/1045844 No Types Assigned

https://hackerone.com/reports/1045844 Permissions Required