Lucene search
K

15 matches found

OSV
OSV
added 2026/06/05 10:50 a.m.4 views

ROOT-OS-DEBIAN-12-CVE-2024-2379 CVE-2024-2379 in rootio-curl - Patched by Root

Root has patched CVE-2024-2379 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...

6.3CVSS5.5AI score0.01709EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-2379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or...

6.3CVSS6.6AI score0.01709EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.59 views

Tenable Security Center Multiple Vulnerabilities (TNS-2024-13)

According to its self-reported version, the Tenable Security Center running on the remote host is 6.2.1, 6.3.0 or 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-13 advisory. - Security Center leverages third-party software to help provide underlying...

9.8CVSS7.5AI score0.99957EPSS
Exploits14References19
RedHat Linux
RedHat Linux
added 2024/05/07 3:50 p.m.90 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP4 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS6.9AI score0.91327EPSS
Exploits6References8
OpenVAS
OpenVAS
added 2024/04/05 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2024-0099)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.6AI score0.36081EPSS
Exploits4References5
OSV
OSV
added 2024/03/28 5:58 a.m.1 views

BELL-CVE-2024-2379

Bulletin has no description...

6.3CVSS6AI score0.01709EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2024/03/28 12:0 a.m.26 views

Slackware: Security Advisory (SSA:2024-087-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.3AI score0.36081EPSS
Exploits4References10
Hacker One
Hacker One
added 2024/03/27 4:39 p.m.76 views

Internet Bug Bounty: CVE-2024-2379: QUIC certificate check bypass with wolfSSL

CVE-2024-2379 was a vulnerability in libcurl's QUIC implementation where certificate verification was skipped under certain conditions when using the wolfSSL library. The vulnerability was caused by an error path that accidentally returned success when encountering unknown or unsupported ciphers ...

6.3CVSS6.5AI score0.01709EPSS
Exploits1
Circl
Circl
added 2024/03/27 10:57 a.m.4 views

CVE-2024-2379

creationtimestamp| type| source ---|---|--- 2024-03-27 10:57:00+00:00| seen| https://t.me/ctinow/212981 2024-03-29 20:51:30+00:00| seen| https://t.me/ctinow/213427 2024-04-09 20:08:09+00:00| seen| https://t.me/arpsyndicate/4411 2024-11-14 12:00:00+00:00| seen|...

6.3CVSS6.5AI score0.01709EPSS
Exploits1References4
Chainguard
Chainguard
added 2024/03/27 8:15 a.m.68 views

CVE-2024-2379 vulnerabilities

Vulnerabilities for packages: curl...

6.3CVSS6.9AI score0.01709EPSS
Exploits1
Wolfi
Wolfi
added 2024/03/27 8:15 a.m.39 views

CVE-2024-2379 vulnerabilities

Vulnerabilities for packages: curl...

6.3CVSS7.2AI score0.01709EPSS
Exploits1
OSV
OSV
added 2024/03/27 7:56 a.m.25 views

CVE-2024-2379 QUIC certificate check bypass with wolfSSL

libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...

6.3CVSS6.8AI score0.01709EPSS
Exploits1References13
Cvelist
Cvelist
added 2024/03/27 7:56 a.m.28 views

CVE-2024-2379 QUIC certificate check bypass with wolfSSL

libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...

6.6AI score0.01709EPSS
Exploits1References11
UbuntuCve
UbuntuCve
added 2024/03/27 7:0 a.m.40 views

CVE-2024-2379

libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...

6.3CVSS6.8AI score0.01709EPSS
Exploits1References2
Hacker One
Hacker One
added 2024/03/10 9:32 p.m.72 views

curl: CVE-2024-2379: QUIC certificate check bypass with wolfSSL

The vulnerability in vquic-tls.c in the curlwsslinitctx function allowed for a certificate check bypass when using the WolfSSL backend. The error handling was not properly implemented, resulting in a potential bypass of the certificate verification requirements...

6.3CVSS6.5AI score0.01709EPSS
Exploits1
Rows per page
Query Builder