nvd-json-data-feeds/CVE-2024/CVE-2024-23xx/CVE-2024-2379.json

{
  "id": "CVE-2024-2379",
  "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9",
  "published": "2024-03-27T08:15:41.230",
  "lastModified": "2024-06-10T16:15:13.173",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems."
    },
    {
      "lang": "es",
      "value": "libcurl omite la verificaci\u00f3n del certificado para una conexi\u00f3n QUIC bajo ciertas condiciones, cuando est\u00e1 dise\u00f1ado para usar wolfSSL. Si se le indica que utilice un cifrado o curva desconocido/incorrecto, la ruta de error omite accidentalmente la verificaci\u00f3n y devuelve OK, ignorando as\u00ed cualquier problema de certificado."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "http://www.openwall.com/lists/oss-security/2024/03/27/2",
      "source": "2499f714-1537-4658-8207-48ae4bb9eae9"
    },
    {
      "url": "https://curl.se/docs/CVE-2024-2379.html",
      "source": "2499f714-1537-4658-8207-48ae4bb9eae9"
    },
    {
      "url": "https://curl.se/docs/CVE-2024-2379.json",
      "source": "2499f714-1537-4658-8207-48ae4bb9eae9"
    },
    {
      "url": "https://hackerone.com/reports/2410774",
      "source": "2499f714-1537-4658-8207-48ae4bb9eae9"
    },
    {
      "url": "https://security.netapp.com/advisory/ntap-20240531-0001/",
      "source": "2499f714-1537-4658-8207-48ae4bb9eae9"
    }
  ]
}