CVE-2024-8096
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate.
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin fixed CVE-2024-8096
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
System detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin detected CVE-2024-8096 with a risk of 3
- T
Tim Bastin
System
System
System
System
System
- S
Sebastian Kawelke updated the risk assessment from 3 to 3.45
Confidentiality Requirement updated: low -> high
- S
Sebastian Kawelke updated the risk assessment from 3 to 3.45
Confidentiality Requirement updated: low -> high
- S
Sebastian Kawelke updated the risk assessment from 3 to 3.45
Confidentiality Requirement updated: low -> high
- S
Sebastian Kawelke updated the risk assessment from 3 to 3.45
Confidentiality Requirement updated: low -> high
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System fixed CVE-2024-8096
System detected CVE-2024-8096 with a risk of 3.46
System updated the risk assessment from 3.46 to 3.45
System recalculated raw risk assessment
Add a comment
Affected component
debian/curl