Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 27 Jun 2025 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat ceph Storage
CPEs cpe:/a:redhat:ceph_storage:8.1::el9
Vendors & Products Redhat ceph Storage

Thu, 13 Feb 2025 01:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat cert Manager
CPEs cpe:/a:redhat:cert_manager:1.15::el9
Vendors & Products Redhat cert Manager

Thu, 14 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openstack Podified
CPEs cpe:/a:redhat:openstack_podified:1.0::el9
Vendors & Products Redhat openstack Podified

Tue, 05 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 09 Oct 2024 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:service_interconnect:1.4::el8
cpe:/a:redhat:service_interconnect:1.4::el9

Fri, 06 Sep 2024 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift Builds
CPEs cpe:/a:redhat:openshift_builds:1.1::el9
Vendors & Products Redhat openshift Builds

cve-icon MITRE

Status: PUBLISHED

Assigner: Go

Published:

Updated: 2025-02-13T17:40:23.803Z

Reserved: 2024-01-30T16:05:14.757Z

Link: CVE-2024-24783

cve-icon Vulnrichment

Updated: 2024-08-01T23:28:12.597Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-05T23:15:07.683

Modified: 2024-11-21T08:59:41.620

Link: CVE-2024-24783

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-03-05T00:00:00Z

Links: CVE-2024-24783 - Bugzilla

cve-icon OpenCVE Enrichment

No data.