In this scenario, libcurl first uses a proper HTTP/3 server for the initial transfers, and when it makes a second transfer to the same site it has been replaced by the attacker's impostor machine - without a valid certificate. When libcurl returns to the hostname the second time with a cached SSL session ("CURLOPT_SSL_SESSIONID_CACHE" is not disabled) and early data enabled (the "CURLSSLOPT_EARLYDATA" bit is set in "CURLOPT_SSL_OPTIONS"), libcurl might send off the second request's bytes on that new connection before enforcing the certificate verification failure. Potentially leaking sensitive information.