Action not permitted
Modal body text goes here.
Modal Title
Modal Body
fkie_cve-2025-0725
Vulnerability from fkie_nvd
Published
2025-02-05 10:15
Modified
2025-03-07 01:15
Severity ?
Summary
When libcurl is asked to perform automatic gzip decompression of
content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,
**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would
make libcurl perform a buffer overflow.
References
Impacted products
| Vendor | Product | Version |
|---|
{ cveTags: [], descriptions: [ { lang: "en", value: "When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow.", }, { lang: "es", value: "Cuando se le solicita a libcurl que realice una descompresión gzip automática de respuestas HTTP codificadas con contenido con la opción `CURLOPT_ACCEPT_ENCODING`, **usando zlib 1.2.0.3 o anterior**, un desbordamiento de entero controlado por un atacante haría que libcurl realice un desbordamiento de búfer.", }, ], id: "CVE-2025-0725", lastModified: "2025-03-07T01:15:12.403", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2025-02-05T10:15:22.980", references: [ { source: "2499f714-1537-4658-8207-48ae4bb9eae9", url: "https://curl.se/docs/CVE-2025-0725.html", }, { source: "2499f714-1537-4658-8207-48ae4bb9eae9", url: "https://curl.se/docs/CVE-2025-0725.json", }, { source: "2499f714-1537-4658-8207-48ae4bb9eae9", url: "https://hackerone.com/reports/2956023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2025/02/05/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2025/02/06/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2025/02/06/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20250306-0009/", }, ], sourceIdentifier: "2499f714-1537-4658-8207-48ae4bb9eae9", vulnStatus: "Awaiting Analysis", }
cve-2025-0725
Vulnerability from cvelistv5
Published
2025-02-05 09:18
Modified
2025-03-07 00:10
Severity ?
EPSS score ?
Summary
When libcurl is asked to perform automatic gzip decompression of
content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,
**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would
make libcurl perform a buffer overflow.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| curl | curl |
Version: 8.11.1 ≤ 8.11.1 Version: 8.11.0 ≤ 8.11.0 Version: 8.10.1 ≤ 8.10.1 Version: 8.10.0 ≤ 8.10.0 Version: 8.9.1 ≤ 8.9.1 Version: 8.9.0 ≤ 8.9.0 Version: 8.8.0 ≤ 8.8.0 Version: 8.7.1 ≤ 8.7.1 Version: 8.7.0 ≤ 8.7.0 Version: 8.6.0 ≤ 8.6.0 Version: 8.5.0 ≤ 8.5.0 Version: 8.4.0 ≤ 8.4.0 Version: 8.3.0 ≤ 8.3.0 Version: 8.2.1 ≤ 8.2.1 Version: 8.2.0 ≤ 8.2.0 Version: 8.1.2 ≤ 8.1.2 Version: 8.1.1 ≤ 8.1.1 Version: 8.1.0 ≤ 8.1.0 Version: 8.0.1 ≤ 8.0.1 Version: 8.0.0 ≤ 8.0.0 Version: 7.88.1 ≤ 7.88.1 Version: 7.88.0 ≤ 7.88.0 Version: 7.87.0 ≤ 7.87.0 Version: 7.86.0 ≤ 7.86.0 Version: 7.85.0 ≤ 7.85.0 Version: 7.84.0 ≤ 7.84.0 Version: 7.83.1 ≤ 7.83.1 Version: 7.83.0 ≤ 7.83.0 Version: 7.82.0 ≤ 7.82.0 Version: 7.81.0 ≤ 7.81.0 Version: 7.80.0 ≤ 7.80.0 Version: 7.79.1 ≤ 7.79.1 Version: 7.79.0 ≤ 7.79.0 Version: 7.78.0 ≤ 7.78.0 Version: 7.77.0 ≤ 7.77.0 Version: 7.76.1 ≤ 7.76.1 Version: 7.76.0 ≤ 7.76.0 Version: 7.75.0 ≤ 7.75.0 Version: 7.74.0 ≤ 7.74.0 Version: 7.73.0 ≤ 7.73.0 Version: 7.72.0 ≤ 7.72.0 Version: 7.71.1 ≤ 7.71.1 Version: 7.71.0 ≤ 7.71.0 Version: 7.70.0 ≤ 7.70.0 Version: 7.69.1 ≤ 7.69.1 Version: 7.69.0 ≤ 7.69.0 Version: 7.68.0 ≤ 7.68.0 Version: 7.67.0 ≤ 7.67.0 Version: 7.66.0 ≤ 7.66.0 Version: 7.65.3 ≤ 7.65.3 Version: 7.65.2 ≤ 7.65.2 Version: 7.65.1 ≤ 7.65.1 Version: 7.65.0 ≤ 7.65.0 Version: 7.64.1 ≤ 7.64.1 Version: 7.64.0 ≤ 7.64.0 Version: 7.63.0 ≤ 7.63.0 Version: 7.62.0 ≤ 7.62.0 Version: 7.61.1 ≤ 7.61.1 Version: 7.61.0 ≤ 7.61.0 Version: 7.60.0 ≤ 7.60.0 Version: 7.59.0 ≤ 7.59.0 Version: 7.58.0 ≤ 7.58.0 Version: 7.57.0 ≤ 7.57.0 Version: 7.56.1 ≤ 7.56.1 Version: 7.56.0 ≤ 7.56.0 Version: 7.55.1 ≤ 7.55.1 Version: 7.55.0 ≤ 7.55.0 Version: 7.54.1 ≤ 7.54.1 Version: 7.54.0 ≤ 7.54.0 Version: 7.53.1 ≤ 7.53.1 Version: 7.53.0 ≤ 7.53.0 Version: 7.52.1 ≤ 7.52.1 Version: 7.52.0 ≤ 7.52.0 Version: 7.51.0 ≤ 7.51.0 Version: 7.50.3 ≤ 7.50.3 Version: 7.50.2 ≤ 7.50.2 Version: 7.50.1 ≤ 7.50.1 Version: 7.50.0 ≤ 7.50.0 Version: 7.49.1 ≤ 7.49.1 Version: 7.49.0 ≤ 7.49.0 Version: 7.48.0 ≤ 7.48.0 Version: 7.47.1 ≤ 7.47.1 Version: 7.47.0 ≤ 7.47.0 Version: 7.46.0 ≤ 7.46.0 Version: 7.45.0 ≤ 7.45.0 Version: 7.44.0 ≤ 7.44.0 Version: 7.43.0 ≤ 7.43.0 Version: 7.42.1 ≤ 7.42.1 Version: 7.42.0 ≤ 7.42.0 Version: 7.41.0 ≤ 7.41.0 Version: 7.40.0 ≤ 7.40.0 Version: 7.39.0 ≤ 7.39.0 Version: 7.38.0 ≤ 7.38.0 Version: 7.37.1 ≤ 7.37.1 Version: 7.37.0 ≤ 7.37.0 Version: 7.36.0 ≤ 7.36.0 Version: 7.35.0 ≤ 7.35.0 Version: 7.34.0 ≤ 7.34.0 Version: 7.33.0 ≤ 7.33.0 Version: 7.32.0 ≤ 7.32.0 Version: 7.31.0 ≤ 7.31.0 Version: 7.30.0 ≤ 7.30.0 Version: 7.29.0 ≤ 7.29.0 Version: 7.28.1 ≤ 7.28.1 Version: 7.28.0 ≤ 7.28.0 Version: 7.27.0 ≤ 7.27.0 Version: 7.26.0 ≤ 7.26.0 Version: 7.25.0 ≤ 7.25.0 Version: 7.24.0 ≤ 7.24.0 Version: 7.23.1 ≤ 7.23.1 Version: 7.23.0 ≤ 7.23.0 Version: 7.22.0 ≤ 7.22.0 Version: 7.21.7 ≤ 7.21.7 Version: 7.21.6 ≤ 7.21.6 Version: 7.21.5 ≤ 7.21.5 Version: 7.21.4 ≤ 7.21.4 Version: 7.21.3 ≤ 7.21.3 Version: 7.21.2 ≤ 7.21.2 Version: 7.21.1 ≤ 7.21.1 Version: 7.21.0 ≤ 7.21.0 Version: 7.20.1 ≤ 7.20.1 Version: 7.20.0 ≤ 7.20.0 Version: 7.19.7 ≤ 7.19.7 Version: 7.19.6 ≤ 7.19.6 Version: 7.19.5 ≤ 7.19.5 Version: 7.19.4 ≤ 7.19.4 Version: 7.19.3 ≤ 7.19.3 Version: 7.19.2 ≤ 7.19.2 Version: 7.19.1 ≤ 7.19.1 Version: 7.19.0 ≤ 7.19.0 Version: 7.18.2 ≤ 7.18.2 Version: 7.18.1 ≤ 7.18.1 Version: 7.18.0 ≤ 7.18.0 Version: 7.17.1 ≤ 7.17.1 Version: 7.17.0 ≤ 7.17.0 Version: 7.16.4 ≤ 7.16.4 Version: 7.16.3 ≤ 7.16.3 Version: 7.16.2 ≤ 7.16.2 Version: 7.16.1 ≤ 7.16.1 Version: 7.16.0 ≤ 7.16.0 Version: 7.15.5 ≤ 7.15.5 Version: 7.15.4 ≤ 7.15.4 Version: 7.15.3 ≤ 7.15.3 Version: 7.15.2 ≤ 7.15.2 Version: 7.15.1 ≤ 7.15.1 Version: 7.15.0 ≤ 7.15.0 Version: 7.14.1 ≤ 7.14.1 Version: 7.14.0 ≤ 7.14.0 Version: 7.13.2 ≤ 7.13.2 Version: 7.13.1 ≤ 7.13.1 Version: 7.13.0 ≤ 7.13.0 Version: 7.12.3 ≤ 7.12.3 Version: 7.12.2 ≤ 7.12.2 Version: 7.12.1 ≤ 7.12.1 Version: 7.12.0 ≤ 7.12.0 Version: 7.11.2 ≤ 7.11.2 Version: 7.11.1 ≤ 7.11.1 Version: 7.11.0 ≤ 7.11.0 Version: 7.10.8 ≤ 7.10.8 Version: 7.10.7 ≤ 7.10.7 Version: 7.10.6 ≤ 7.10.6 Version: 7.10.5 ≤ 7.10.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2025-03-07T00:10:50.268Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "http://www.openwall.com/lists/oss-security/2025/02/05/3", }, { url: "http://www.openwall.com/lists/oss-security/2025/02/06/2", }, { url: "http://www.openwall.com/lists/oss-security/2025/02/06/4", }, { url: "https://security.netapp.com/advisory/ntap-20250306-0009/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, }, { other: { content: { id: "CVE-2025-0725", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-05T14:33:50.737849Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-05T14:34:15.390Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "curl", vendor: "curl", versions: [ { lessThanOrEqual: "8.11.1", status: "affected", version: "8.11.1", versionType: "semver", }, { lessThanOrEqual: "8.11.0", status: "affected", version: "8.11.0", versionType: "semver", }, { lessThanOrEqual: "8.10.1", status: "affected", version: "8.10.1", versionType: "semver", }, { lessThanOrEqual: "8.10.0", status: "affected", version: "8.10.0", versionType: "semver", }, { lessThanOrEqual: "8.9.1", status: "affected", version: "8.9.1", versionType: "semver", }, { lessThanOrEqual: "8.9.0", status: "affected", version: "8.9.0", versionType: "semver", }, { lessThanOrEqual: "8.8.0", status: "affected", version: "8.8.0", versionType: "semver", }, { lessThanOrEqual: "8.7.1", status: "affected", version: "8.7.1", versionType: "semver", }, { lessThanOrEqual: "8.7.0", status: "affected", version: "8.7.0", versionType: "semver", }, { lessThanOrEqual: "8.6.0", status: "affected", version: "8.6.0", versionType: "semver", }, { lessThanOrEqual: "8.5.0", status: "affected", version: "8.5.0", versionType: "semver", }, { lessThanOrEqual: "8.4.0", status: "affected", version: "8.4.0", versionType: "semver", }, { lessThanOrEqual: "8.3.0", status: "affected", version: "8.3.0", versionType: "semver", }, { lessThanOrEqual: "8.2.1", status: "affected", version: "8.2.1", versionType: "semver", }, { lessThanOrEqual: "8.2.0", status: "affected", version: "8.2.0", versionType: "semver", }, { lessThanOrEqual: "8.1.2", status: "affected", version: "8.1.2", versionType: "semver", }, { lessThanOrEqual: "8.1.1", status: "affected", version: "8.1.1", versionType: "semver", }, { lessThanOrEqual: "8.1.0", status: "affected", version: "8.1.0", versionType: "semver", }, { lessThanOrEqual: "8.0.1", status: "affected", version: "8.0.1", versionType: "semver", }, { lessThanOrEqual: "8.0.0", status: "affected", version: "8.0.0", versionType: "semver", }, { lessThanOrEqual: "7.88.1", status: "affected", version: "7.88.1", versionType: "semver", }, { lessThanOrEqual: "7.88.0", status: "affected", version: "7.88.0", versionType: "semver", }, { lessThanOrEqual: "7.87.0", status: "affected", version: "7.87.0", versionType: "semver", }, { lessThanOrEqual: "7.86.0", status: "affected", version: "7.86.0", versionType: "semver", }, { lessThanOrEqual: "7.85.0", status: "affected", version: "7.85.0", versionType: "semver", }, { lessThanOrEqual: "7.84.0", status: "affected", version: "7.84.0", versionType: "semver", }, { lessThanOrEqual: "7.83.1", status: "affected", version: "7.83.1", versionType: "semver", }, { lessThanOrEqual: "7.83.0", status: "affected", version: "7.83.0", versionType: "semver", }, { lessThanOrEqual: "7.82.0", status: "affected", version: "7.82.0", versionType: "semver", }, { lessThanOrEqual: "7.81.0", status: "affected", version: "7.81.0", versionType: "semver", }, { lessThanOrEqual: "7.80.0", status: "affected", version: "7.80.0", versionType: "semver", }, { lessThanOrEqual: "7.79.1", status: "affected", version: "7.79.1", versionType: "semver", }, { lessThanOrEqual: "7.79.0", status: "affected", version: "7.79.0", versionType: "semver", }, { lessThanOrEqual: "7.78.0", status: "affected", version: "7.78.0", versionType: "semver", }, { lessThanOrEqual: "7.77.0", status: "affected", version: "7.77.0", versionType: "semver", }, { lessThanOrEqual: "7.76.1", status: "affected", version: "7.76.1", versionType: "semver", }, { lessThanOrEqual: "7.76.0", status: "affected", version: "7.76.0", versionType: "semver", }, { lessThanOrEqual: "7.75.0", status: "affected", version: "7.75.0", versionType: "semver", }, { lessThanOrEqual: "7.74.0", status: "affected", version: "7.74.0", versionType: "semver", }, { lessThanOrEqual: "7.73.0", status: "affected", version: "7.73.0", versionType: "semver", }, { lessThanOrEqual: "7.72.0", status: "affected", version: "7.72.0", versionType: "semver", }, { lessThanOrEqual: "7.71.1", status: "affected", version: "7.71.1", versionType: "semver", }, { lessThanOrEqual: "7.71.0", status: "affected", version: "7.71.0", versionType: "semver", }, { lessThanOrEqual: "7.70.0", status: "affected", version: "7.70.0", versionType: "semver", }, { lessThanOrEqual: "7.69.1", status: "affected", version: "7.69.1", versionType: "semver", }, { lessThanOrEqual: "7.69.0", status: "affected", version: "7.69.0", versionType: "semver", }, { lessThanOrEqual: "7.68.0", status: "affected", version: "7.68.0", versionType: "semver", }, { lessThanOrEqual: "7.67.0", status: "affected", version: "7.67.0", versionType: "semver", }, { lessThanOrEqual: "7.66.0", status: "affected", version: "7.66.0", versionType: "semver", }, { lessThanOrEqual: "7.65.3", status: "affected", version: "7.65.3", versionType: "semver", }, { lessThanOrEqual: "7.65.2", status: "affected", version: "7.65.2", versionType: "semver", }, { lessThanOrEqual: "7.65.1", status: "affected", version: "7.65.1", versionType: "semver", }, { lessThanOrEqual: "7.65.0", status: "affected", version: "7.65.0", versionType: "semver", }, { lessThanOrEqual: "7.64.1", status: "affected", version: "7.64.1", versionType: "semver", }, { lessThanOrEqual: "7.64.0", status: "affected", version: "7.64.0", versionType: "semver", }, { lessThanOrEqual: "7.63.0", status: "affected", version: "7.63.0", versionType: "semver", }, { lessThanOrEqual: "7.62.0", status: "affected", version: "7.62.0", versionType: "semver", }, { lessThanOrEqual: "7.61.1", status: "affected", version: "7.61.1", versionType: "semver", }, { lessThanOrEqual: "7.61.0", status: "affected", version: "7.61.0", versionType: "semver", }, { lessThanOrEqual: "7.60.0", status: "affected", version: "7.60.0", versionType: "semver", }, { lessThanOrEqual: "7.59.0", status: "affected", version: "7.59.0", versionType: "semver", }, { lessThanOrEqual: "7.58.0", status: "affected", version: "7.58.0", versionType: "semver", }, { lessThanOrEqual: "7.57.0", status: "affected", version: "7.57.0", versionType: "semver", }, { lessThanOrEqual: "7.56.1", status: "affected", version: "7.56.1", versionType: "semver", }, { lessThanOrEqual: "7.56.0", status: "affected", version: "7.56.0", versionType: "semver", }, { lessThanOrEqual: "7.55.1", status: "affected", version: "7.55.1", versionType: "semver", }, { lessThanOrEqual: "7.55.0", status: "affected", version: "7.55.0", versionType: "semver", }, { lessThanOrEqual: "7.54.1", status: "affected", version: "7.54.1", versionType: "semver", }, { lessThanOrEqual: "7.54.0", status: "affected", version: "7.54.0", versionType: "semver", }, { lessThanOrEqual: "7.53.1", status: "affected", version: "7.53.1", versionType: "semver", }, { lessThanOrEqual: "7.53.0", status: "affected", version: "7.53.0", versionType: "semver", }, { lessThanOrEqual: "7.52.1", status: "affected", version: "7.52.1", versionType: "semver", }, { lessThanOrEqual: "7.52.0", status: "affected", version: "7.52.0", versionType: "semver", }, { lessThanOrEqual: "7.51.0", status: "affected", version: "7.51.0", versionType: "semver", }, { lessThanOrEqual: "7.50.3", status: "affected", version: "7.50.3", versionType: "semver", }, { lessThanOrEqual: "7.50.2", status: "affected", version: "7.50.2", versionType: "semver", }, { lessThanOrEqual: "7.50.1", status: "affected", version: "7.50.1", versionType: "semver", }, { lessThanOrEqual: "7.50.0", status: "affected", version: "7.50.0", versionType: "semver", }, { lessThanOrEqual: "7.49.1", status: "affected", version: "7.49.1", versionType: "semver", }, { lessThanOrEqual: "7.49.0", status: "affected", version: "7.49.0", versionType: "semver", }, { lessThanOrEqual: "7.48.0", status: "affected", version: "7.48.0", versionType: "semver", }, { lessThanOrEqual: "7.47.1", status: "affected", version: "7.47.1", versionType: "semver", }, { lessThanOrEqual: "7.47.0", status: "affected", version: "7.47.0", versionType: "semver", }, { lessThanOrEqual: "7.46.0", status: "affected", version: "7.46.0", versionType: "semver", }, { lessThanOrEqual: "7.45.0", status: "affected", version: "7.45.0", versionType: "semver", }, { lessThanOrEqual: "7.44.0", status: "affected", version: "7.44.0", versionType: "semver", }, { lessThanOrEqual: "7.43.0", status: "affected", version: "7.43.0", versionType: "semver", }, { lessThanOrEqual: "7.42.1", status: "affected", version: "7.42.1", versionType: "semver", }, { lessThanOrEqual: "7.42.0", status: "affected", version: "7.42.0", versionType: "semver", }, { lessThanOrEqual: "7.41.0", status: "affected", version: "7.41.0", versionType: "semver", }, { lessThanOrEqual: "7.40.0", status: "affected", version: "7.40.0", versionType: "semver", }, { lessThanOrEqual: "7.39.0", status: "affected", version: "7.39.0", versionType: "semver", }, { lessThanOrEqual: "7.38.0", status: "affected", version: "7.38.0", versionType: "semver", }, { lessThanOrEqual: "7.37.1", status: "affected", version: "7.37.1", versionType: "semver", }, { lessThanOrEqual: "7.37.0", status: "affected", version: "7.37.0", versionType: "semver", }, { lessThanOrEqual: "7.36.0", status: "affected", version: "7.36.0", versionType: "semver", }, { lessThanOrEqual: "7.35.0", status: "affected", version: "7.35.0", versionType: "semver", }, { lessThanOrEqual: "7.34.0", status: "affected", version: "7.34.0", versionType: "semver", }, { lessThanOrEqual: "7.33.0", status: "affected", version: "7.33.0", versionType: "semver", }, { lessThanOrEqual: "7.32.0", status: "affected", version: "7.32.0", versionType: "semver", }, { lessThanOrEqual: "7.31.0", status: "affected", version: "7.31.0", versionType: "semver", }, { lessThanOrEqual: "7.30.0", status: "affected", version: "7.30.0", versionType: "semver", }, { lessThanOrEqual: "7.29.0", status: "affected", version: "7.29.0", versionType: "semver", }, { lessThanOrEqual: "7.28.1", status: "affected", version: "7.28.1", versionType: "semver", }, { lessThanOrEqual: "7.28.0", status: "affected", version: "7.28.0", versionType: "semver", }, { lessThanOrEqual: "7.27.0", status: "affected", version: "7.27.0", versionType: "semver", }, { lessThanOrEqual: "7.26.0", status: "affected", version: "7.26.0", versionType: "semver", }, { lessThanOrEqual: "7.25.0", status: "affected", version: "7.25.0", versionType: "semver", }, { lessThanOrEqual: "7.24.0", status: "affected", version: "7.24.0", versionType: "semver", }, { lessThanOrEqual: "7.23.1", status: "affected", version: "7.23.1", versionType: "semver", }, { lessThanOrEqual: "7.23.0", status: "affected", version: "7.23.0", versionType: "semver", }, { lessThanOrEqual: "7.22.0", status: "affected", version: "7.22.0", versionType: "semver", }, { lessThanOrEqual: "7.21.7", status: "affected", version: "7.21.7", versionType: "semver", }, { lessThanOrEqual: "7.21.6", status: "affected", version: "7.21.6", versionType: "semver", }, { lessThanOrEqual: "7.21.5", status: "affected", version: "7.21.5", versionType: "semver", }, { lessThanOrEqual: "7.21.4", status: "affected", version: "7.21.4", versionType: "semver", }, { lessThanOrEqual: "7.21.3", status: "affected", version: "7.21.3", versionType: "semver", }, { lessThanOrEqual: "7.21.2", status: "affected", version: "7.21.2", versionType: "semver", }, { lessThanOrEqual: "7.21.1", status: "affected", version: "7.21.1", versionType: "semver", }, { lessThanOrEqual: "7.21.0", status: "affected", version: "7.21.0", versionType: "semver", }, { lessThanOrEqual: "7.20.1", status: "affected", version: "7.20.1", versionType: "semver", }, { lessThanOrEqual: "7.20.0", status: "affected", version: "7.20.0", versionType: "semver", }, { lessThanOrEqual: "7.19.7", status: "affected", version: "7.19.7", versionType: "semver", }, { lessThanOrEqual: "7.19.6", status: "affected", version: "7.19.6", versionType: "semver", }, { lessThanOrEqual: "7.19.5", status: "affected", version: "7.19.5", versionType: "semver", }, { lessThanOrEqual: "7.19.4", status: "affected", version: "7.19.4", versionType: "semver", }, { lessThanOrEqual: "7.19.3", status: "affected", version: "7.19.3", versionType: "semver", }, { lessThanOrEqual: "7.19.2", status: "affected", version: "7.19.2", versionType: "semver", }, { lessThanOrEqual: "7.19.1", status: "affected", version: "7.19.1", versionType: "semver", }, { lessThanOrEqual: "7.19.0", status: "affected", version: "7.19.0", versionType: "semver", }, { lessThanOrEqual: "7.18.2", status: "affected", version: "7.18.2", versionType: "semver", }, { lessThanOrEqual: "7.18.1", status: "affected", version: "7.18.1", versionType: "semver", }, { lessThanOrEqual: "7.18.0", status: "affected", version: "7.18.0", versionType: "semver", }, { lessThanOrEqual: "7.17.1", status: "affected", version: "7.17.1", versionType: "semver", }, { lessThanOrEqual: "7.17.0", status: "affected", version: "7.17.0", versionType: "semver", }, { lessThanOrEqual: "7.16.4", status: "affected", version: "7.16.4", versionType: "semver", }, { lessThanOrEqual: "7.16.3", status: "affected", version: "7.16.3", versionType: "semver", }, { lessThanOrEqual: "7.16.2", status: "affected", version: "7.16.2", versionType: "semver", }, { lessThanOrEqual: "7.16.1", status: "affected", version: "7.16.1", versionType: "semver", }, { lessThanOrEqual: "7.16.0", status: "affected", version: "7.16.0", versionType: "semver", }, { lessThanOrEqual: "7.15.5", status: "affected", version: "7.15.5", versionType: "semver", }, { lessThanOrEqual: "7.15.4", status: "affected", version: "7.15.4", versionType: "semver", }, { lessThanOrEqual: "7.15.3", status: "affected", version: "7.15.3", versionType: "semver", }, { lessThanOrEqual: "7.15.2", status: "affected", version: "7.15.2", versionType: "semver", }, { lessThanOrEqual: "7.15.1", status: "affected", version: "7.15.1", versionType: "semver", }, { lessThanOrEqual: "7.15.0", status: "affected", version: "7.15.0", versionType: "semver", }, { lessThanOrEqual: "7.14.1", status: "affected", version: "7.14.1", versionType: "semver", }, { lessThanOrEqual: "7.14.0", status: "affected", version: "7.14.0", versionType: "semver", }, { lessThanOrEqual: "7.13.2", status: "affected", version: "7.13.2", versionType: "semver", }, { lessThanOrEqual: "7.13.1", status: "affected", version: "7.13.1", versionType: "semver", }, { lessThanOrEqual: "7.13.0", status: "affected", version: "7.13.0", versionType: "semver", }, { lessThanOrEqual: "7.12.3", status: "affected", version: "7.12.3", versionType: "semver", }, { lessThanOrEqual: "7.12.2", status: "affected", version: "7.12.2", versionType: "semver", }, { lessThanOrEqual: "7.12.1", status: "affected", version: "7.12.1", versionType: "semver", }, { lessThanOrEqual: "7.12.0", status: "affected", version: "7.12.0", versionType: "semver", }, { lessThanOrEqual: "7.11.2", status: "affected", version: "7.11.2", versionType: "semver", }, { lessThanOrEqual: "7.11.1", status: "affected", version: "7.11.1", versionType: "semver", }, { lessThanOrEqual: "7.11.0", status: "affected", version: "7.11.0", versionType: "semver", }, { lessThanOrEqual: "7.10.8", status: "affected", version: "7.10.8", versionType: "semver", }, { lessThanOrEqual: "7.10.7", status: "affected", version: "7.10.7", versionType: "semver", }, { lessThanOrEqual: "7.10.6", status: "affected", version: "7.10.6", versionType: "semver", }, { lessThanOrEqual: "7.10.5", status: "affected", version: "7.10.5", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "z2_", }, { lang: "en", type: "remediation developer", value: "Daniel Stenberg", }, ], descriptions: [ { lang: "en", value: "When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-680 Integer Overflow to Buffer Overflow", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-05T09:18:20.468Z", orgId: "2499f714-1537-4658-8207-48ae4bb9eae9", shortName: "curl", }, references: [ { name: "json", url: "https://curl.se/docs/CVE-2025-0725.json", }, { name: "www", url: "https://curl.se/docs/CVE-2025-0725.html", }, { name: "issue", url: "https://hackerone.com/reports/2956023", }, ], title: "gzip integer overflow", }, }, cveMetadata: { assignerOrgId: "2499f714-1537-4658-8207-48ae4bb9eae9", assignerShortName: "curl", cveId: "CVE-2025-0725", datePublished: "2025-02-05T09:18:20.468Z", dateReserved: "2025-01-27T04:58:09.514Z", dateUpdated: "2025-03-07T00:10:50.268Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.