Curl 7.41.0 < 8.10.0 Security Bypass (CVE-2024-8096)

The version of Curl installed on the remote host is between 7.41.0 prior to 8.10.0. It is, therefore, affected by a security bypass vulnerability. When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...

CVE-2024-8096

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

K15402727: cURL vulnerability CVE-2020-8286

Security Advisory Description curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. CVE-2020-8286 Impact An attacker could provide a forged OCSP response to the F5 product that has made the request with curl...