CVE-2025-0725

HIGH

libcurl <1.2.0.3 - Buffer Overflow

Title source: llm

Description

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

References (8)

[Vendor Advisory] https://curl.se/docs/CVE-2025-0725.html

[Vendor Advisory] https://curl.se/docs/CVE-2025-0725.json

[Exploit, Issue Tracking] https://hackerone.com/reports/2956023

[Mailing List] http://www.openwall.com/lists/oss-security/2025/02/05/3

[Mailing List] http://www.openwall.com/lists/oss-security/2025/02/06/2

[Mailing List] http://www.openwall.com/lists/oss-security/2025/02/06/4

[Patch] https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7

View Patch ZIP pw:eip

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20250306-0009/

Scores

CVSS v3 7.3

EPSS 0.0090

EPSS Percentile 75.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-120

Status published

Affected Products (8)

netapp/hci_baseboard_management_controller

netapp/hci_h610s_firmware

netapp/hci_h610c_firmware

netapp/hci_h615c_firmware

netapp/solidfire_\&_hci_management_node

netapp/solidfire_\&_hci_storage_node

haxx/curl < 8.12.0

haxx/libcurl < 8.12.0

Timeline

Published Feb 05, 2025

Tracked Since Feb 18, 2026