Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:28566
HistoryDec 11, 2020 - 9:15 a.m.

Authorization Bypass

2020-12-1109:15:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14

EPSS

0.004

Percentile

74.0%

curl is vulnerable to authorization bypass. The vulnerability is present only if OpenSSL is the designated TLS backend. OCSP stapling is not enabled by default by libcurl, it needs to be explicitly enabled by the application to get used.

References