{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T07:13:16.093","vulnerabilities":[{"cve":{"id":"CVE-2024-0853","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2024-02-03T14:15:50.850","lastModified":"2026-06-17T06:54:26.133","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to\nthe same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check."},{"lang":"es","value":"curl inadvertidamente mantuvo el ID de sesión SSL para las conexiones en su caché incluso cuando falló la prueba de verificación del estado (*OCSP stapling*). Una transferencia posterior al mismo nombre de host podría tener éxito si la caché de ID de sesión aún estuviera actualizada, lo que luego omitiría la verificación de estado de verificación."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.5.0","lessThanOrEqual":"8.5.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-02-13T19:54:33.332536Z","id":"CVE-2024-0853","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:8.5.0:*:*:*:*:*:*:*","matchCriteriaId":"B3F10DBE-EB62-4DCA-A46B-651A39A3502B"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2024-0853.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2024-0853.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/2298922","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking"]},{"url":"https://security.netapp.com/advisory/ntap-20240307-0004/","source":"2499f714-1537-4658-8207-48ae4bb9eae9"},{"url":"https://security.netapp.com/advisory/ntap-20240426-0009/","source":"2499f714-1537-4658-8207-48ae4bb9eae9"},{"url":"https://security.netapp.com/advisory/ntap-20240503-0012/","source":"2499f714-1537-4658-8207-48ae4bb9eae9"},{"url":"https://curl.se/docs/CVE-2024-0853.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2024-0853.json","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/2298922","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]},{"url":"https://security.netapp.com/advisory/ntap-20240307-0004/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20240426-0009/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20240503-0012/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}