The vulnerability description states that libcurl skips certificate verification for QUIC connections with wolfSSL when an unknown or bad cipher or curve is used, because the error path accidentally skips verification and returns OK.

The fixing commit aedbbdf18e689a5eee8dc396 modifies the curl_wssl_init_ctx function in lib/vquic/vquic-tls.c. It adds assignments to the result variable (e.g., result = CURLE_BAD_FUNCTION_ARGUMENT;) in the error-handling blocks for wolfSSL_CTX_set_cipher_list and wolfSSL_CTX_set1_groups_list.

Before this fix, if either wolfSSL function failed (as happens with bad ciphers or curves), curl_wssl_init_ctx could still return CURLE_OK, provided no earlier error had occurred within the function. That false success let the rest of the connection setup proceed with a faulty TLS configuration, and certificate verification was bypassed. curl_wssl_init_ctx is therefore identified as the vulnerable function, because of its flawed error propagation in these scenarios.
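The error-propagation flaw described above, reduced to a self-contained C model (an added example, not curl's or wolfSSL's code). The model_* names, the goto layout and the placement of the verification step after the cipher setter are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for illustration; not curl or wolfSSL definitions. */
typedef enum { MODEL_OK = 0, MODEL_BAD_ARGUMENT = 1 } model_code;
struct model_ctx { int verify_peer; };

/* Stand-in for a TLS library setter: returns 1 on success, 0 on failure. */
static int model_set_cipher_list(const char *list)
{
  return list && strcmp(list, "TLS_AES_128_GCM_SHA256") == 0;
}

/* Before: the failure branch leaves without ever assigning result. */
model_code init_ctx_before(struct model_ctx *ctx, const char *ciphers)
{
  model_code result = MODEL_OK;
  ctx->verify_peer = 0;
  if(!model_set_cipher_list(ciphers))
    goto out;              /* result is still MODEL_OK here */
  ctx->verify_peer = 1;    /* assumed: verification is configured afterwards */
out:
  return result;
}

/* After: the failure branch records an error before leaving. */
model_code init_ctx_after(struct model_ctx *ctx, const char *ciphers)
{
  model_code result = MODEL_OK;
  ctx->verify_peer = 0;
  if(!model_set_cipher_list(ciphers)) {
    result = MODEL_BAD_ARGUMENT;
    goto out;
  }
  ctx->verify_peer = 1;
out:
  return result;
}

int main(void)
{
  struct model_ctx a, b;
  model_code ra = init_ctx_before(&a, "NOT_A_CIPHER");
  model_code rb = init_ctx_after(&b, "NOT_A_CIPHER");
  printf("before: result=%d verify_peer=%d\n", ra, a.verify_peer);
  printf("after:  result=%d verify_peer=%d\n", rb, b.verify_peer);
  return 0;
}
```

In the "before" variant the caller sees success while verify_peer was never enabled, which is the state a regression test for this class of bug should assert against.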