CVE-2024-0853 | cURL 8.5.0 OSCP Verification lib/vtls/openssl.c servercert improper check for certificate revocation (c28e9478cb2548848ec)

Inserito da Angelo Barbosa | Gen 31, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in cURL 8.5.0. This issue affects the function servercert of the file lib/vtls/openssl.c of the component OSCP Verification. The manipulation leads to improper check for certificate revocation.

The identification of this vulnerability is CVE-2024-0853. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-0853 | cURL 8.5.0 OSCP Verification lib/vtls/openssl.c servercert improper check for certificate revocation (c28e9478cb2548848ec)

Post correlati

CVE-2024-5502 | Piotnet Addons for Elementor Plugin up to 2.4.30 on WordPress Widget cross site scripting

CVE-2024-30171 | BouncyCastle up to 1.77 Cryptography API Marvin Attack timing discrepancy

CVE-2023-42832 | Apple macOS Software Update Privilege Escalation

CVE-2024-38435 | Unitronics Vision PLC up to v9.9.0 unknown vulnerability