18 matches found
Siemens SIMATIC S7-1500 Improper Validation of Certificate with Host Mismatch (CVE-2024-2466)
libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...
Azure Linux 3.0 Security Update: cmake / curl (CVE-2024-2466)
The version of cmake / curl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2466 advisory. - libcurl did not check the server certificate of TLS connections done to a host specified as an IP...
CVE-2024-2466 affecting package cmake for versions less than 3.30.3-2
CVE-2024-2466 affecting package cmake for versions less than 3.30.3-2. An upgraded version of the package is available that resolves this issue...
GLSA-202409-20 : curl: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-20 curl: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...
Tenable Security Center Multiple Vulnerabilities (TNS-2024-13)
According to its self-reported version, the Tenable Security Center running on the remote host is 6.2.1, 6.3.0 or 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-13 advisory. - Security Center leverages third-party software to help provide underlying...
CVE-2024-2466 affecting package curl for versions less than 8.8.0-1
CVE-2024-2466 affecting package curl for versions less than 8.8.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-2466 affecting package curl for versions less than 8.8.0-1
CVE-2024-2466 affecting package curl for versions less than 8.8.0-1. An upgraded version of the package is available that resolves this issue...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP4 security update
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Mageia: Security Advisory (MGASA-2024-0099)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2024-087-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-2466
creationtimestamp| type| source ---|---|--- 2024-03-27 12:46:26+00:00| seen| https://t.me/ctinow/213004 2024-03-29 21:46:25+00:00| seen| https://t.me/ctinow/213434 2024-04-09 20:36:22+00:00| seen| https://t.me/arpsyndicate/4417 2024-11-14 12:00:00+00:00| seen|...
Internet Bug Bounty: CVE-2024-2466: TLS certificate check bypass with mbedTLS (reward request)
CVE-2024-2466: TLS certificate check bypass with mbedTLS. The vulnerability was reported in libcurl, where it did not check the server certificate of TLS connections made to a host specified as an IP address when built to use mbedTLS. This caused the certificate check to be completely skipped,...
AZL-37103 CVE-2024-2466 affecting package curl for versions less than 8.8.0-1
libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...
CVE-2024-2466 vulnerabilities
Vulnerabilities for packages: curl...
CVE-2024-2466 vulnerabilities
Vulnerabilities for packages: curl...
CVE-2024-2466 TLS certificate check bypass with mbedTLS
libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...
CVE-2024-2466 TLS certificate check bypass with mbedTLS
libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...
CVE-2024-2466 TLS certificate check bypass with mbedTLS
libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...