CVE-2020-8286

Опубликовано: 14 дек. 2020

Источник: debian

EPSS Низкий

Описание

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

Пакет	Статус	Версия исправления	Релиз	Тип
curl	fixed	7.74.0-1		package

https://curl.se/docs/CVE-2020-8286.html
https://github.com/curl/curl/commit/d9d01672785b8ac04aab1abb6de95fe3072ae199 (curl-7_74_0)

EPSS

Процентиль: 59%

0.00384

Низкий

CVE-2020-8286

CVSS3: 7.5

ubuntu

около 5 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

CVE-2020-8286

CVSS3: 7.4

redhat

около 5 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

CVE-2020-8286

CVSS3: 7.5

nvd

около 5 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

CVE-2020-8286

CVSS3: 7.5

msrc

около 5 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

GHSA-xh5x-q49r-r9w4

CVSS3: 7.5

github

больше 3 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

EPSS

Процентиль: 59%

0.00384

Низкий