Lucene search
+L

6 matches found

nvd
nvd
added 2025/02/26 10:15 p.m.14 views

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

7.4CVSS0.00267EPSS
Exploits1References2
cve
cve
added 2025/02/26 12:0 a.m.86 views

CVE-2024-55581

CVE-2024-55581 affects AdaCore Ada Web Server 25.0.0 when linked with GnuTLS, where AWS.Client defaults do not verify the HTTPS server certificate, enabling MITM attacks if TLS configuration is not explicitly set. Root cause: insecure defaults in AWS.Client with GnuTLS. Impact: potential compromi...

7.4CVSS7.3AI score0.00267EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2025/02/26 12:0 a.m.10 views

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

7.3AI score0.00267EPSS
Exploits1References1
cvelist
cvelist
added 2025/02/26 12:0 a.m.15 views

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

0.00267EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2025/02/26 12:0 a.m.6 views

PT-2025-8751 · Adacore +2 · Ada Web Server +3

Name of the Vulnerable Software and Affected Versions: AdaCore Ada Web Server version 25.0.0 Description: The issue concerns a lack of verification of an HTTPS server's certificate in the default behaviour of AWS.Client when linked with GnuTLS, making it vulnerable to a man-in-the-middle attack...

7.4CVSS7.1AI score0.00267EPSS
Exploits1References18
debiancve
debiancve
added 2025/02/26 12:0 a.m.11 views

CVE-2024-55581

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate unless the using program specifies a TLS configuration...

7.4CVSS7.3AI score0.00267EPSS
Exploits1
Rows per page
Query Builder