CVE-2025-0725
Published: February 9, 2025Last modified: February 12, 2025
Description
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.3 |
| Attack Vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | LOW |
| Integrity impact | LOW |
| Availability impact | LOW |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | curl | Not affected (8.1.2-r0) |
| Stream | curl | Not affected (8.1.2-r0) |
References
- http://www.openwall.com/lists/oss-security/2025/02/05/3
- http://www.openwall.com/lists/oss-security/2025/02/06/2
- http://www.openwall.com/lists/oss-security/2025/02/06/4
- https://curl.se/docs/CVE-2025-0725.html
- https://curl.se/docs/CVE-2025-0725.json
- https://hackerone.com/reports/2956023
- https://security.netapp.com/advisory/ntap-20250306-0009/