CVE-2025-0725

HIGH

libcurl <1.2.0.3 - Buffer Overflow

Title source: llm

Description

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

References (8)

Core 8

Core References

Vendor Advisory

https://curl.se/docs/CVE-2025-0725.html

Vendor Advisory

https://curl.se/docs/CVE-2025-0725.json

Exploit, Issue Tracking

https://hackerone.com/reports/2956023

Mailing List

http://www.openwall.com/lists/oss-security/2025/02/05/3

Mailing List

http://www.openwall.com/lists/oss-security/2025/02/06/2

Mailing List

http://www.openwall.com/lists/oss-security/2025/02/06/4

Patch

https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7

View Patch ZIP pw:eip

Third Party Advisory

https://security.netapp.com/advisory/ntap-20250306-0009/

Scores

CVSS v3 7.3

EPSS 0.0044

EPSS Percentile 63.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-120

Status published

Products (8)

haxx/curl 7.10.5 - 8.12.0

haxx/libcurl 7.10.5 - 8.12.0

netapp/hci_baseboard_management_controller

netapp/hci_h610c_firmware

netapp/hci_h610s_firmware

netapp/hci_h615c_firmware

netapp/solidfire_\&_hci_management_node

netapp/solidfire_\&_hci_storage_node

Published Feb 05, 2025

Tracked Since Feb 18, 2026