JLSEC-2025-25

See a problem?
Please try reporting it to the source first.

Source

https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2025/JLSEC-2025-25.md

Import Source

https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-25.json

JSON Data

https://api.test.osv.dev/v1/vulns/JLSEC-2025-25

Upstream

CVE-2020-8286

Published

2025-10-10T15:04:01.319Z

Modified

2025-11-03T00:18:52.948617Z

Summary

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insu...

Details

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

Database specific

{
    "license": "CC-BY-4.0",
    "sources": [
        {
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8286",
            "imported": "2025-10-10T14:33:22.315Z",
            "id": "CVE-2020-8286",
            "modified": "2024-11-21T05:38:39.643Z",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-8286",
            "published": "2020-12-14T20:15:14.043Z"
        }
    ]
}

References

Affected packages

Julia / LibCURL_jll

Package

Name: LibCURL_jll
Purl: pkg:julia/LibCURL_jll?uuid=deac9b47-8bc7-5906-a0fe-35ac56dc84c0

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.81.0+0