4 matches found
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the OCSP stapling process with Apple SecTrust. An attacker can cause the client to accept invalid or revoked server certificates by exploiting the failure to properly detect OCSP response problems. Not...
CVE-2026-7009
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine...
CURL-CVE-2026-7009 OCSP stapling bypass with Apple SecTrust
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine...
CVE-2026-7009
creationtimestamp| type| source ---|---|--- 2026-04-29 07:11:01+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkmkahhjdz2v 2026-04-29 12:45:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mkn4vufiap2k...