diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD
index 61b2c2255a5d34cc3eb838990d97da8ebb3849c0..afecf94a8f055a6023e60cd9086b727210b267ff 100644
--- a/main/curl/APKBUILD
+++ b/main/curl/APKBUILD
@@ -4,7 +4,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=curl
 pkgver=7.67.0
-pkgrel=3
+pkgrel=4
 pkgdesc="URL retrival utility and library"
 url="https://curl.haxx.se/"
 arch="all"
@@ -20,9 +20,12 @@ source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz
 	CVE-2020-8231.patch
 	CVE-2020-8285.patch
 	CVE-2020-8286.patch
+	CVE-2021-22898.patch
 	"
 
 # secfixes:
+#   7.67.0-r4:
+#     - CVE-2021-22898
 #   7.67.0-r3:
 #     - CVE-2020-8285
 #     - CVE-2020-8286
@@ -149,4 +152,5 @@ sha512sums="1d5a344be92dd61b1ba5189eff0fe337e492f2e850794943570fe71c985d0af60bd4
 d43f92378c11824e73204b55a8e0952294e5cb17c89503e6fcd4932f812dda244a66c81e20606b4ececed7198bda37e0ca511631bf2ba91e2e9f336290ba5d4b  CVE-2020-8177.patch
 d5f4421e5ac6f89220d00fb156c803edbb64679e9064ca8328269eea3582ee7780f77522b5069a1288cc09e968567175c94139249cc337906243c95d0bc3e684  CVE-2020-8231.patch
 2765302f147ad29b7187d334edfb66076ab81088583dd681ba37aed96eee6a5108ca8281fe185e60494d4aeda003216319d15e05a341f5796698452816fe0f97  CVE-2020-8285.patch
-6c42a589a8bc7b588dcd2c3e656a221000608841b6347c66e640ba818f6ff73fcfaf1ae1948dcbd446689559f54476b0ca5e340fb00f44da1defb7c2573d4a8c  CVE-2020-8286.patch"
+6c42a589a8bc7b588dcd2c3e656a221000608841b6347c66e640ba818f6ff73fcfaf1ae1948dcbd446689559f54476b0ca5e340fb00f44da1defb7c2573d4a8c  CVE-2020-8286.patch
+c52275bc8ce1463b5a05c5387144b743462a2f551853134254317023ad39445eb53119d88bfb58d17aaa6e5f86985c2f2b540980337eaca1f385ac15818546e6  CVE-2021-22898.patch"
diff --git a/main/curl/CVE-2021-22898.patch b/main/curl/CVE-2021-22898.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ea4d2cb37e87db3746c854f5a5a5868c91c21d7b
--- /dev/null
+++ b/main/curl/CVE-2021-22898.patch
@@ -0,0 +1,25 @@
+From 39ce47f219b09c380b81f89fe54ac586c8db6bde Mon Sep 17 00:00:00 2001
+From: Harry Sintonen <sintonen@iki.fi>
+Date: Fri, 7 May 2021 13:09:57 +0200
+Subject: [PATCH] telnet: check sscanf() for correct number of matches
+
+CVE-2021-22898
+
+Bug: https://curl.se/docs/CVE-2021-22898.html
+---
+ lib/telnet.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/telnet.c b/lib/telnet.c
+index 26e0658ba9cc..fdd137fb0c04 100644
+--- a/lib/telnet.c
++++ b/lib/telnet.c
+@@ -922,7 +922,7 @@ static void suboption(struct Curl_easy *data)
+         size_t tmplen = (strlen(v->data) + 1);
+         /* Add the variable only if it fits */
+         if(len + tmplen < (int)sizeof(temp)-6) {
+-          if(sscanf(v->data, "%127[^,],%127s", varname, varval)) {
++          if(sscanf(v->data, "%127[^,],%127s", varname, varval) == 2) {
+             msnprintf((char *)&temp[len], sizeof(temp) - len,
+                       "%c%s%c%s", CURL_NEW_ENV_VAR, varname,
+                       CURL_NEW_ENV_VALUE, varval);