AI Score
Confidence
Low
EPSS
Percentile
13.5%
A flaw was found in curl. When libcurl is built to use wolfSSL as the TLS backend, it skips certificate verification for a QUIC connection if an unknown/bad cipher or curve is used.
bugzilla.redhat.com/show_bug.cgi?id=2270499
curl.se/docs/CVE-2024-2379.html
nvd.nist.gov/vuln/detail/CVE-2024-2379
www.cve.org/CVERecord?id=CVE-2024-2379