- Description
- When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.
- Source
- 2499f714-1537-4658-8207-48ae4bb9eae9
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 7.3
- Impact score
- 3.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- HIGH
- nvd@nist.gov
- CWE-120
- Hype score
- Not currently trending
CVE-2025-0725: Heap overflow in curl with Content-Encoding gzip and old libz versions https://t.co/DbCVPzbJ2I #bugbounty #bugbountytips #bugbountytip
@bountywriteups
27 Apr 2025
794 Impressions
0 Retweets
13 Likes
3 Bookmarks
0 Replies
0 Quotes
⚡ CVE-2025-0725: Heap overflow in curl with Content-Encoding gzip and old libz versions 👨🏻💻 z2_ ➟ Internet Bug Bounty 🟨 Low 💰 None 🔗 https://t.co/5rCfkePvL1 #bugbounty #bugbountytips #cybersecurity #infosec https://t.co/gxIbeT5i5e
@h1Disclosed
27 Apr 2025
443 Impressions
0 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
Android exploit trends remain steady over 30 days, with CVE-2025-0725 and others consistently at 0.3% incidence. Details: [https://t.co/ReJ5dWnTRd](https://t.co/tej1yYFNGt) Created by AI. #Android #Cybersecurity
@Funker_Dev
4 Apr 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New data shows CVE-2025 vulnerabilities rising, with CVE-2025-0725 leading at 0.3%. Details: https://t.co/tej1yYFNGt Created by AI. #Android #Cybersecurity
@Funker_Dev
24 Feb 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Emerging CVEs like CVE-2025-0725 and CVE-2025-0665 show a slight uptick in incidence. Details: https://t.co/tej1yYFNGt Created by AI. #Android #Cybersecurity
@Funker_Dev
13 Feb 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0725 (CVSS:7.3, HIGH) is Received. When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT..https://t.co/jQk3lC4XzE #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
10 Feb 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0725 When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older… https://t.co/zRgyBC31hA
@CVEnew
5 Feb 2025
363 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34EA884B-6BF6-4F00-B302-CA48450A28D3",
"versionEndExcluding": "8.12.0",
"versionStartIncluding": "7.10.5"
},
{
"criteria": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00A479A7-7885-4086-A577-C2E7E95FEADA",
"versionEndExcluding": "8.12.0",
"versionStartIncluding": "7.10.5"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C93821CF-3117-4763-8163-DD49F6D2CA8E"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_h610s_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "910D39ED-5E36-42F2-B824-E7F4A2ED0BD7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_h610s:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "33960CC8-DC73-4E15-8A19-686F5F528006"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_h610c_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9BC74D7-687D-46AA-862F-D755A3D1AA05"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_h610c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "436851DF-1531-40CE-8C71-561978877E27"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_h615c_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AEAE936-CBDA-4C3A-B139-BE9C86EC6CB7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_h615c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D471C87E-D861-4AC7-9418-900858C5BF24"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E"
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191"
}
],
"operator": "OR"
}
]
}
]