CVE-2008-2420
EPSS 0.49%
Description
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
How to fix CVE-2008-2420
To remediate CVE-2008-2420, upgrade the affected package to the fixed version listed below.
- Debian/stunnel4: upgrade to 3:4.22-1.1 or later
Is CVE-2008-2420 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- Debian/stunnel4: from 0, < 3:4.22-1.1