libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| JBoss Core Services for RHEL 8 | RedHat | jbcs-httpd24-curl-0:8.7.1-2.el8jbcs | * |
| JBoss Core Services for RHEL 8 | RedHat | jbcs-httpd24-httpd-0:2.4.57-10.el8jbcs | * |
| JBoss Core Services for RHEL 8 | RedHat | jbcs-httpd24-mod_http2-0:1.15.19-37.el8jbcs | * |
| JBoss Core Services for RHEL 8 | RedHat | jbcs-httpd24-mod_jk-0:1.2.49-6.redhat_1.el8jbcs | * |
| JBoss Core Services for RHEL 8 | RedHat | jbcs-httpd24-mod_md-1:2.4.24-6.el8jbcs | * |
| JBoss Core Services for RHEL 8 | RedHat | jbcs-httpd24-mod_proxy_cluster-0:1.3.20-4.el8jbcs | * |
| JBoss Core Services for RHEL 8 | RedHat | jbcs-httpd24-mod_security-0:2.9.3-36.el8jbcs | * |
| JBoss Core Services for RHEL 8 | RedHat | jbcs-httpd24-nghttp2-0:1.43.0-13.el8jbcs | * |
| JBoss Core Services on RHEL 7 | RedHat | jbcs-httpd24-curl-0:8.7.1-2.el7jbcs | * |
| JBoss Core Services on RHEL 7 | RedHat | jbcs-httpd24-httpd-0:2.4.57-10.el7jbcs | * |
| JBoss Core Services on RHEL 7 | RedHat | jbcs-httpd24-mod_http2-0:1.15.19-37.el7jbcs | * |
| JBoss Core Services on RHEL 7 | RedHat | jbcs-httpd24-mod_jk-0:1.2.49-6.redhat_1.el7jbcs | * |
| JBoss Core Services on RHEL 7 | RedHat | jbcs-httpd24-mod_md-1:2.4.24-6.el7jbcs | * |
| JBoss Core Services on RHEL 7 | RedHat | jbcs-httpd24-mod_proxy_cluster-0:1.3.20-4.el7jbcs | * |
| JBoss Core Services on RHEL 7 | RedHat | jbcs-httpd24-mod_security-0:2.9.3-36.el7jbcs | * |
| JBoss Core Services on RHEL 7 | RedHat | jbcs-httpd24-nghttp2-0:1.43.0-13.el7jbcs | * |
| Red Hat JBoss Core Services 1 | RedHat | curl | * |
| Curl | Ubuntu | upstream | * |