Curl 8.5.0 < 8.14.0 Improper Certificate Validation (CVE-2025-5025)

The version of Curl installed on the remote host is is missing security update. It is, therefore, affected by a improper certificate validation vulnerability. - libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when...

SUSE CVE-2025-5025

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...