curl is vulnerable to Improper Certificate Validation.The vulnerability is due to the retention of SSL session IDs in the cache, even when the OCSP stapling verification fails. This flaw allows subsequent connections to the same hostname to succeed without proper verification if the session ID cache is still valid.