VDB
CVE-2024-2379
CVE-2024-2379
PUBLISHED
CVSS 8.699999809265137 HIGH
cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt.
EPSS 0.21% · 42.7th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.21%
42.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| NetApp | NetApp ActiveIQ Unified Manager | |
| NetApp | NetApp ActiveIQ Unified Manager for VMware vSphere | |
| Apple | Apple macOS Monterey <12.7.6 | |
| Dell | Dell PowerProtect Data Domain | |
| Splunk | Splunk Splunk Enterprise <9.4.3 | |
| Fedora | Fedora Linux | |
| IBM | IBM App Connect Enterprise | |
| Apple | Apple macOS Sonoma <14.6 | |
| IBM | IBM MQ Operator v2.0.27 | |
| Red Hat | Red Hat Enterprise Linux | |
| Splunk | Splunk Splunk Enterprise <9.2.7 | |
| EMC | EMC Avamar | |
| Splunk | Splunk Splunk Enterprise <9.3.5 | |
| IBM | IBM AIX 7.3.1 | |
| Ubuntu | Ubuntu Linux | |
| NetApp | NetApp Data ONTAP 9 | |
| Open Source | Open Source cURL <8.7.0 | |
| Xerox | Xerox FreeFlow Print Server v9 for Solaris | |
| Amazon | Amazon Linux 2 | |
| IBM | IBM Spectrum Protect Plus <10.1.17 |
…and 11 more
Exploit Intelligence
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (hackerone)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (hackerone)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (hackerone)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (hackerone)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (hackerone)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (hackerone)
- https://hackerone.com/reports/2410774 (osv)
- macos_v2_generated.go (github-poc)
- glcve_test.go (github-poc)
- CVE-2025-38062.yara (github-yara)
…and 33 more exploits
Timeline
- CVE Published
- Mar 27, 2024 EPSS Score
- Mar 27, 2024 PoC Published
- Mar 29, 2024 PoC Published
- Apr 21, 2024 EPSS Score
- May 17, 2024 EPSS Score
- Jun 11, 2024 EPSS Score
- Aug 1, 2024 EPSS Score
- Aug 31, 2024 EPSS Score
- Sep 25, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 21, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0726.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0726 advisory
- https://curl.se/docs/CVE-2024-2004.html advisory
- https://curl.se/docs/CVE-2024-2379.html advisory
- https://curl.se/docs/CVE-2024-2398.html advisory
- https://curl.se/docs/CVE-2024-2466.html advisory
- https://ubuntu.com/security/notices/USN-6718-1 advisory
- https://ubuntu.com/security/notices/USN-6718-2 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-a09456b7a9 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-April/018260.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-April/018273.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-April/018272.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-6dab59bd47 advisory
- https://ubuntu.com/security/notices/USN-6718-3 advisory
- https://alas.aws.amazon.com/AL2/ALAS-2024-2526.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-May/018467.html advisory
- https://access.redhat.com/errata/RHSA-2024:2693 advisory
- https://access.redhat.com/errata/RHSA-2024:2694 advisory
- https://www.insyde.com/security-pledge/SA-2024004 advisory
- https://access.redhat.com/errata/RHSA-2024:3998 advisory
…and 35 more