CVE-2024-0853 | cURL 8.5.0 OSCP Verification lib/vtls/openssl.c servercert improper check for certificate revocation (c28e9478cb2548848ec)

Inserito da Angelo Barbosa | Gen 31, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in cURL 8.5.0. This issue affects the function servercert of the file lib/vtls/openssl.c of the component OSCP Verification. The manipulation leads to improper check for certificate revocation.

The identification of this vulnerability is CVE-2024-0853. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-0853 | cURL 8.5.0 OSCP Verification lib/vtls/openssl.c servercert improper check for certificate revocation (c28e9478cb2548848ec)

Post correlati

CVE-2024-1704 | ZhongBangKeJi CRMEB 5.2.2 /adminapi/system/crud save/delete path traversal

CVE-2024-4077 | AndonDesign UDesign Plugin up to 4.7.3 on WordPress cross site scripting

CVE-2024-0335 | ABB Symphony Plus S+ Operations denial of service

CVE-2024-0998 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi setDiagnosisCfg ip stack-based overflow