vulnerability
FreeBSD: VID-02E33CD1-C655-11EE-8613-08002784C58D (CVE-2024-0853): curl -- OCSP verification bypass with TLS session reuse
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Jan 31, 2024 | Feb 29, 2024 | Jan 28, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Jan 31, 2024
Added
Feb 29, 2024
Modified
Jan 28, 2025
Description
curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to
the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check.
Solution
freebsd-upgrade-package-curl
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.