mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 10:17:57 +00:00
851 B
851 B
CVE-2024-0853
Description
curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (OCSP stapling) test failed. A subsequent transfer tothe same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check.
POC
Reference
No PoCs from references.