CVE-2024-55581 Information

Description

When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an HTTPS server’s certificate (unless the using program specifies a TLS configuration).

Reference

https://docs.adacore.com/corp/security-advisories/SEC.AWS-0056-v1.pdf