SecuritySpace - CVE-2024-2379

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2024-2379

Description: libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2024-2379
issue
https://hackerone.com/reports/2410774
json
https://curl.se/docs/CVE-2024-2379.json
www
https://curl.se/docs/CVE-2024-2379.html
http://www.openwall.com/lists/oss-security/2024/03/27/2

CVE ID:	CVE-2024-2379
Description:	libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2024-2379 issue https://hackerone.com/reports/2410774 json https://curl.se/docs/CVE-2024-2379.json www https://curl.se/docs/CVE-2024-2379.html http://www.openwall.com/lists/oss-security/2024/03/27/2