libcurl QUIC IP cert bypass allows MITM
CVE-2025-4947 Published on May 28, 2025
QUIC certificate check skip with wolfSSL
libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks.
Vulnerability Analysis
CVE-2025-4947 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. Public availability of a proof of concept (POC) exploit exists for CVE-2025-4947. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.
Products Associated with CVE-2025-4947
Want to know whenever a new CVE is published for Haxx Curl? stack.watch will email you.
Affected Versions
curl:- Version 8.13.0, <= 8.13.0 is affected.
- Version 8.12.1, <= 8.12.1 is affected.
- Version 8.12.0, <= 8.12.0 is affected.
- Version 8.11.1, <= 8.11.1 is affected.
- Version 8.11.0, <= 8.11.0 is affected.
- Version 8.10.1, <= 8.10.1 is affected.
- Version 8.10.0, <= 8.10.0 is affected.
- Version 8.9.1, <= 8.9.1 is affected.
- Version 8.9.0, <= 8.9.0 is affected.
- Version 8.8.0, <= 8.8.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.