High severity7.5NVD Advisory· Published Nov 12, 2024· Updated Apr 15, 2026

CVE-2024-45289

Description

The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option.

Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.freebsd.org/advisories/FreeBSD-SA-24:18.ctl.ascnvd
security.netapp.com/advisory/ntap-20250110-0001/nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000