<< Back
CVE Number Vulnerability Product Severity Date
CVE-2024-2466 libcurl TLS Certicficate Check Bypass Vulnerability cURL Medium 30-05-2024

Technical Information

A TLS certificate check bypass vulnerability in libcurl when the specified hostname was given as an IP address, it would avoid the set hostname function and completely skip the certificate check.

Patch Release Date: Mar 27, 2024
Further information on this vulnerability is available at: CVE-2024-2466

Affected Software

cURL 8.5.0 to and including 8.6.0