VDB
CVE-2024-8096
CVE-2024-8096
PUBLISHED
cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt.
EPSS 0.56% · 68.7th percentile
Risk Scores
EPSS Score
0.56%
68.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Dell PowerProtect Data Domain OS | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| Tenable Security | Tenable Security Nessus Network Monitor <6.5.0 | |
| Insyde | Insyde UEFI Firmware <RV24.06 | |
| SUSE | SUSE Linux | |
| Dell | Dell PowerProtect Data Domain | |
| Ubuntu | Ubuntu Linux | |
| Splunk | Splunk Splunk Enterprise <9.3.5 | |
| Splunk | Splunk Splunk Enterprise <9.4.3 | |
| Dell | Dell PowerProtect Data Domain Management Center | |
| Oracle | Oracle Fusion Middleware 12.2.1.4.0 | |
| Debian | Debian Linux | |
| Oracle | Oracle Fusion Middleware 8.5.7 | |
| Splunk | Splunk Splunk Enterprise <9.2.7 | |
| Oracle | Oracle Fusion Middleware 14.1.2.0.0 | |
| Insyde | Insyde UEFI Firmware <RV23.08 | |
| Splunk | Splunk Splunk Enterprise <9.1.10 | |
| Oracle | Oracle Fusion Middleware 14.1.1.0.0 | |
| Open Source | Open Source cURL <8.10.0 |
Exploit Intelligence
- CVE-2026-7009: OCSP stapling bypass with Apple SecTrust (hackerone)
- CVE-2026-7009: OCSP stapling bypass with Apple SecTrust (hackerone)
- CVE-2026-7009: OCSP stapling bypass with Apple SecTrust (hackerone)
- CVE-2024-8096: OCSP stapling bypass with GnuTLS (hackerone)
- CVE-2024-8096: OCSP stapling bypass with GnuTLS (hackerone)
- CVE-2024-8096: OCSP stapling bypass with GnuTLS (hackerone)
- https://hackerone.com/reports/2669852 (osv)
- CVE-2025-38062.yara (github-yara)
- glcve_test.go (github-poc)
- CVE-2025-38062.yara (github-yara)
…and 15 more exploits
Timeline
- CVE Published
- Sep 11, 2024 PoC Published
- Sep 12, 2024 EPSS Score
- Oct 2, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 22, 2024 EPSS Score
- Nov 10, 2024 EPSS Score
- Nov 30, 2024 EPSS Score
- Dec 21, 2024 EPSS Score
- Jan 10, 2025 EPSS Score
- Jan 30, 2025 EPSS Score
- Feb 18, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2114.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2114 advisory
- https://curl.se/docs/CVE-2024-8096.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-September/019414.html advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/PFHKET2NUH6KEJ3WAQF2HMAV45BMPNCW/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XVGLTDRTD2C3KGJY4KWMJLCNJSWIXISB/ advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-September/019413.html advisory
- https://ubuntu.com/security/notices/USN-7012-1 advisory
- https://de.tenable.com/security/tns-2024-17 advisory
- https://www.insyde.com/security-pledge/SA-2024011 advisory
- https://security.netapp.com/advisory/ntap-20241011-0005/ advisory
- https://lists.debian.org/debian-lts-announce/2024/11/msg00008.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2025-June/021084.html advisory
- https://advisory.splunk.com//advisories/SVD-2025-0710 advisory
- https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0143.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0143 advisory
- https://www.oracle.com/security-alerts/cpujan2025.html#AppendixFMW advisory