7.3
HIGH
CVE-2025-0725
Apache libcurl integer overflow vulnerability boils down to buffer overflow
Description

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

INFO

Published Date :

Feb. 5, 2025, 10:15 a.m.

Last Modified :

June 12, 2025, 4:15 p.m.

Source :

2499f714-1537-4658-8207-48ae4bb9eae9

Remotely Exploitable :

Yes !

Impact Score :

3.4

Exploitability Score :

3.9
Public PoC/Exploit Available at Github

CVE-2025-0725 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2025-0725 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Netapp solidfire_\&_hci_management_node
2 Netapp solidfire_\&_hci_storage_node
3 Netapp hci_baseboard_management_controller
4 Netapp hci_h610s_firmware
5 Netapp hci_h610s
6 Netapp hci_h610c_firmware
7 Netapp hci_h610c
8 Netapp hci_h615c_firmware
9 Netapp hci_h615c
1 Haxx curl
2 Haxx libcurl
References to Advisories, Solutions, and Tools

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

genAI agent providing 'in context' security analysis on CVE, components and more

Python HTML JavaScript

Updated: 2 weeks, 4 days ago
0 stars 0 fork 0 watcher
Born at : May 19, 2025, 5:17 p.m. This repo has been linked 2 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-0725 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2025-0725 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Jun. 12, 2025

    Action Type Old Value New Value
    Added Reference https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7
  • Initial Analysis by [email protected]

    May. 13, 2025

    Action Type Old Value New Value
    Added CWE CWE-120
    Added CPE Configuration OR *cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* versions from (including) 7.10.5 up to (excluding) 8.12.0 *cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:* versions from (including) 7.10.5 up to (excluding) 8.12.0
    Added CPE Configuration OR *cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:netapp:hci_h610s_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:netapp:hci_h610s:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:netapp:hci_h610c_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:netapp:hci_h610c:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:netapp:hci_h615c_firmware:-:*:*:*:*:*:*:* OR cpe:2.3:h:netapp:hci_h615c:-:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:a:netapp:solidfire_&_hci_management_node:-:*:*:*:*:*:*:* *cpe:2.3:a:netapp:solidfire_&_hci_storage_node:-:*:*:*:*:*:*:*
    Added Reference Type curl: https://curl.se/docs/CVE-2025-0725.html Types: Vendor Advisory
    Added Reference Type curl: https://curl.se/docs/CVE-2025-0725.json Types: Vendor Advisory
    Added Reference Type curl: https://hackerone.com/reports/2956023 Types: Exploit, Issue Tracking
    Added Reference Type CVE: https://security.netapp.com/advisory/ntap-20250306-0009/ Types: Third Party Advisory
    Added Reference Type CVE: http://www.openwall.com/lists/oss-security/2025/02/05/3 Types: Mailing List
    Added Reference Type CVE: http://www.openwall.com/lists/oss-security/2025/02/06/2 Types: Mailing List
    Added Reference Type CVE: http://www.openwall.com/lists/oss-security/2025/02/06/4 Types: Mailing List
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Mar. 07, 2025

    Action Type Old Value New Value
    Added Reference https://security.netapp.com/advisory/ntap-20250306-0009/
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Feb. 06, 2025

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2025/02/06/4
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Feb. 06, 2025

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2025/02/06/2
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Feb. 05, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Feb. 05, 2025

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2025/02/05/3
  • New CVE Received by 2499f714-1537-4658-8207-48ae4bb9eae9

    Feb. 05, 2025

    Action Type Old Value New Value
    Added Description When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.
    Added Reference https://curl.se/docs/CVE-2025-0725.html
    Added Reference https://curl.se/docs/CVE-2025-0725.json
    Added Reference https://hackerone.com/reports/2956023
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-0725 is associated with the following CWEs:

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
© cvefeed.io
Latest DB Update: Jun. 27, 2025 15:05