296,138
Total vulnerabilities in the database
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems.
| Software | From | Fixed in |
|---|---|---|
| haxx / curl | 8.6.0 | 8.6.0.x |
| apple / macos | - | 12.7.6 |
| apple / macos | 14.0 | 14.6 |
| apple / macos | 13.0 | 13.6.8 |