5 matches found
Curl 8.17.0 < 8.20.0 OCSP Stapling Bypass
The version of curl installed on the remote host is 8.17.0 prior to 8.20.0. It is, therefore, affected by an OCSP stapling bypass vulnerability: - When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...
EUVD-2021-10011
Malware in sbrugna...
Curl 8.8.0 < 8.14.0 Improper Certificate Validation (CVE-2025-4947)
The version of Curl installed on the remote host is is missing security update. It is, therefore, affected by a improper certificate validation vulnerability. - libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the...
Amazon Linux 2 : curl (ALAS-2025-2724)
The version of curl installed on the remote host is prior to 8.3.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2724 advisory. When curl is asked to use HSTS, the expiry time for a subdomain mightoverwrite a parent domain's cache entry, making it end sooner or...
CVE-2003-1605
curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server...