curl and libcurl QUIC Certificate Pinning Vulnerability with wolfSSL

A vulnerability exists in curl and libcurl versions 8.5.0 through 8.13.0, when using wolfSSL as the TLS backend for QUIC connections in HTTP/3. The issue arises because the library fails to validate server certificate public key pinning for HTTPS transfers over QUIC, despite the documentation stating that this feature is supported with wolfSSL. As a result, users may unknowingly connect to fraudulent servers without any warning. This vulnerability does not affect HTTP/1.1 or HTTP/2 transfers with wolfSSL, where certificate pinning functions correctly.

Impact

This vulnerability allows for the bypass of certificate pinning, potentially leading to man-in-the-middle attacks where an attacker could impersonate a legitimate server.

Reproduction

To reproduce this vulnerability, first ensure that curl is built with the wolfSSL backend. Then, use a command that initiates a QUIC connection over HTTP/3 to a server, while specifying a pinned public key that does not match the server's certificate. The expected behavior would be for curl to reject the connection due to the pinning mismatch, but instead, it will incorrectly accept the connection.

Remediation

Users can upgrade to curl version 8.14.0 or later, where this vulnerability is fixed. Alternatively, avoid using HTTP/3 or certificate pinning with curl versions that utilize wolfSSL.