Summary:
When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports an error other than revoked (for example, unauthorized), it is not treated as a bad certificate.
Severity: Low
Advisory ID: KylinSec-SA-2024-3714
Release date: September 13, 2024
Related CVE: CVE-2024-8096
CVE | Product | Component | Affected |
---|---|---|---|
CVE-2024-8096 | KY3.4-5A | curl | Unaffected |
CVE-2024-8096 | KY3.5.2 | curl | Unaffected |
CVE-2024-8096 | V6 | curl | Unaffected |
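
The failure mode in the summary, shown as a simplified model added here (it is not curl's source code): a check that rejects only "revoked" beside one that accepts only a successful response reporting "good". The struct, function names and sample responses are hypothetical and constructed; the numeric status values are those defined in RFC 6960.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* OCSPResponseStatus values, RFC 6960 section 4.2.1 */
enum resp_status { RESP_SUCCESSFUL = 0, RESP_MALFORMED_REQUEST = 1,
                   RESP_INTERNAL_ERROR = 2, RESP_TRY_LATER = 3,
                   RESP_SIG_REQUIRED = 5, RESP_UNAUTHORIZED = 6 };

/* CertStatus choices, RFC 6960 section 4.2.1 */
enum cert_status { CERT_GOOD = 0, CERT_REVOKED = 1, CERT_UNKNOWN = 2 };

/* Hypothetical, already-parsed stapled response (not a curl structure). */
struct staple {
    enum resp_status resp;
    enum cert_status cert;   /* only meaningful when resp is successful */
};

/* Deny-list logic that models the flaw: only "revoked" fails the check. */
bool staple_ok_lenient(const struct staple *s)
{
    return s != NULL && s->cert != CERT_REVOKED;
}

/* Allow-list logic: anything other than successful + good fails. */
bool staple_ok_strict(const struct staple *s)
{
    return s != NULL && s->resp == RESP_SUCCESSFUL && s->cert == CERT_GOOD;
}

/* Constructed sample responses, not captured from any server. */
static const struct staple samples[] = {
    { RESP_SUCCESSFUL,   CERT_GOOD    },
    { RESP_SUCCESSFUL,   CERT_REVOKED },
    { RESP_SUCCESSFUL,   CERT_UNKNOWN },
    { RESP_UNAUTHORIZED, CERT_UNKNOWN },
    { RESP_TRY_LATER,    CERT_UNKNOWN },
};

/* Counts samples the lenient check accepts but the strict check rejects. */
int count_wrongly_accepted(void)
{
    int n = 0;
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (staple_ok_lenient(&samples[i]) && !staple_ok_strict(&samples[i]))
            n++;
    return n;
}

int main(void)
{
    printf("wrongly accepted: %d of 5\n", count_wrongly_accepted());
    return 0;
}
```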