Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-4947

libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.1%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2025-4947
  • Haxx » Curl » Version: 8.10.0
    cpe:2.3:a:haxx:curl:8.10.0
  • Haxx » Curl » Version: 8.10.1
    cpe:2.3:a:haxx:curl:8.10.1
  • Haxx » Curl » Version: 8.11.0
    cpe:2.3:a:haxx:curl:8.11.0
  • Haxx » Curl » Version: 8.8.0
    cpe:2.3:a:haxx:curl:8.8.0
  • Haxx » Curl » Version: 8.9.0
    cpe:2.3:a:haxx:curl:8.9.0
  • Haxx » Curl » Version: 8.9.1
    cpe:2.3:a:haxx:curl:8.9.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved