Vulnerability Details CVE-2024-55581
When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server's certificate (unless the using program specifies a TLS configuration).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.2%
CVSS Severity
CVSS v3 Score 7.4
References
Products affected by CVE-2024-55581
-
cpe:2.3:a:adacore:ada_web_server:25.0
-
cpe:2.3:o:debian:debian_linux:11.0