Lucene search
GoogleOSV:CVE-2024-2379HistoryMar 27, 2024 - 8:15 a.m.
CVE-2024-2379
2024-03-2708:15:41
Google
osv.dev
1
cve-2024-2379
libcurl
certificate verification
quic
wolfssl
cipher
curve
software
security bypass
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
Related
cve
cve
CVE-2024-2379
2024-03-27 08:15:41
osv
osv
QUIC certificate check bypass with wolfSSL
2024-03-27 08:00:00
wolfi
wolfi
CVE-2024-2379 vulnerabilities
2024-07-03 09:08:38
hackerone
hackerone
curl: CVE-2024-2379: QUIC certificate check bypass with wolfSSL
2024-03-10 21:32:06
nessus
nessus
alpinelinux
alpinelinux
CVE-2024-2379
2024-03-27 08:15:41
veracode
veracode
Certificate Validation
2024-04-06 00:34:26
nvd
nvd
CVE-2024-2379
2024-03-27 08:15:41
ubuntucve
ubuntucve
CVE-2024-2379
2024-03-27 00:00:00
redhatcve
redhatcve
CVE-2024-2379
2024-03-27 09:27:05
cgr
cgr
CVE-2024-2379 vulnerabilities
2024-05-19 03:07:16
debiancve
debiancve
CVE-2024-2379
2024-03-27 08:15:41
cvelist
cvelist
CVE-2024-2379 QUIC certificate check bypass with wolfSSL
2024-03-27 07:56:41
ibm
ibm
openvas
openvas
Slackware: Security Advisory (SSA:2024-087-01)
2024-03-28 00:00:00
Mageia: Security Advisory (MGASA-2024-0099)
2024-04-05 00:00:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2024-03-29 06:49:09
slackware
slackware
[slackware-security] curl
2024-03-27 19:16:33
redhat
redhat