Lucene search
Veracode Vulnerability DatabaseVERACODE:7112HistoryJul 20, 2018 - 8:23 a.m.
Improper TLS Certificate Validation
2018-07-2008:23:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.002 Low
EPSS
Percentile
57.7%
libcurl.so improperly validate TLS cerificates. The vulnerability exists in allocate_conn of url.c where SSL_VERIFYSTATUS is ignored and the server may incorrect display that the certificate is valid even though it is not.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libcurl.so | le | 4.4.0 | |
| curl | le | 7.30.0.2 |
References
Related
nessus
nessus
FreeBSD : cURL -- ocsp status validation error (311e4b1c-f8ee-11e6-9940-b499baebfeaf)
2017-02-23 00:00:00
GLSA-201703-04 : cURL: Certificate validation error
2017-03-28 00:00:00
Mac OS X 10.x < 10.12.6 Multiple Vulnerabilities
2017-07-27 00:00:00
redhatcve
redhatcve
CVE-2017-2629
2017-02-22 10:18:16
ubuntucve
ubuntucve
CVE-2017-2629
2018-07-27 00:00:00
archlinux
archlinux
[ASA-201703-1] curl: insufficient validation
2017-03-03 00:00:00
alpinelinux
alpinelinux
CVE-2017-2629
2018-07-27 19:29:00
prion
prion
Design/Logic Flaw
2018-07-27 19:29:00
f5
f5
K11410303 : cURL vulnerability CVE-2017-2629
2017-03-16 00:00:00
freebsd
freebsd
cURL -- ocsp status validation error
2017-02-22 00:00:00
cve
cve
CVE-2017-2629
2018-07-27 19:29:00
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.53.0-alt1
2017-02-22 00:00:00
osv
osv
CVE-2017-2629
2018-07-27 19:29:00
nvd
nvd
CVE-2017-2629
2018-07-27 19:29:00
debiancve
debiancve
CVE-2017-2629
2018-07-27 19:29:00
cvelist
cvelist
CVE-2017-2629
2018-07-27 19:00:00
gentoo
gentoo
cURL: Certificate validation error
2017-03-28 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities (HT207922)
2017-07-20 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1818
2021-07-02 16:36:57
