Title:No QUIC certificate pinning with wolfSSL (CVE-2025-5025) Description:libcurl supports *pinning* of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC and HTTP/3. Since pinning makes the transfer succeed if the pin is fine, users could unwittingly connect to an impostor server without noticing.
Readme
# cve-2025-5025
Report in https://www.notion.so/PoC-CVE-2025-5025-233f40a863f88009b35ae8ba86f7a50f?source=copy_link with vietnamese
Comment to give your opinion
File Snapshot
Log in to view the POC file snapshot cached by Shenlong Bot
1. It is advised to access via the original source first.2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →