16 matches found
EUVD-2026-35099
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
BIT-APACHE-2026-29168 Apache HTTP Server: mod_md unrestricted OCSP response
Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...
Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response
...
CVE-2025-11955
Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid...
Linux Distros Unpatched Vulnerability : CVE-2021-37155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP...
CVE-2024-38031
Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability...
Microsoft Windows Online Certificate Status Protocol Security Vulnerability
Microsoft Windows Online Certificate Status Protocol is a network protocol for verifying the status of digital certificates from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Online Certificate Status Protocol (OCSP). An attacker could exploit this vulnerability to...
PT-2024-4761 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an uncontrolled resource consumption in the implementation of the Online Certificate Status Protocol (OCSP) in Windows. This can be exploited by a remote attacker to...
PT-2024-4854 · Microsoft · Windows Ocsp Server +1
Name of the Vulnerable Software and Affected Versions: Windows Online Certificate Status Protocol (OCSP) Server affected versions not specified Description: The issue is related to an uncontrolled consumption of resources in the implementation of the Online Certificate Status Protocol (OCSP) in Windo...
The vulnerability of the Online Certificate Status Protocol (OCSP) implementation in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Online Certificate Status Protocol (OCSP) implementation in Windows operating systems is related to insufficient protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
openssl: Possible DoS translating ASN.1 object identifiers
A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...
The vulnerability of Thunderbird email client, Firefox and Firefox ESR browsers relates to improper error handling when processing an inaccessible PAC file. This allows a malicious actor to specify a URL for the PAC file. If the server on which the PAC file is located becomes unavailable, OCSP requests are blocked, resulting in incorrect error pages being displayed.
The vulnerability of the Thunderbird email client, as well as browsers Firefox and Firefox ESR, is related to improper error handling when processing an inaccessible PAC file. Exploiting this vulnerability allows a remote attacker to specify a PAC URL. If the server where the PAC file is located ...
DEBIAN-CVE-2021-37155
wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response...
openssl: OCSP Status Request extension unbounded memory growth
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it...
openssl: OCSP Status Request extension unbounded memory growth
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it...
OpenSSL OCSP Stateful Request Extension Memory Exhaustion Vulnerability
OpenSSL is an open source implementation of SSL used to enable strong encryption of network communications and is now widely used in a variety of web applications. Versions of OpenSSL prior to 1.1.0a, 1.0.2i, and 1.0.1u would eventually deny service as the server ran out of memory when dealing wi...