DEBIAN-CVE-2020-8286 — Vulnetix

DEBIAN-CVE-2020-8286 PUBLISHED CVSS 7.5 HIGH

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products

Vendor	Product	Versions
Debian:14	curl	0, 0, 0
Debian:12	curl	0, 0, 0
Debian:13	curl	0, 0, 0
Debian:11	curl	0, 0, 0

Exploit Intelligence

glcve_test.go (github-poc)

Timeline

Dec 14, 2020 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2020-8286 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›