2 matches found
PT-2026-35897
Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description When using the Certificate Status Request TLS extension, commonly known as OCSP stapling, to verify server certificate validity, the software fails to detect OCSP problems and incorrectly treats...
ALPINE-CVE-2017-2629
curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when there is none or if the server...