CVE-2025-0725 - Vulnerability Details

When libcurl is asked to perform automatic gzip decompression of
content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,
**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would
make libcurl perform a buffer overflow.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00904.

Exploitation poc

Automatable yes

Technical Impact partial

Vendors	Products
Haxx Subscribe	Curl Subscribe Libcurl Subscribe
Netapp Subscribe	Hci Baseboard Management Controller Subscribe Hci H610c Subscribe Hci H610c Firmware Subscribe Hci H610s Subscribe Hci H610s Firmware Subscribe Hci H615c Subscribe Hci H615c Firmware Subscribe Solidfire \& Hci Management Node Subscribe Solidfire \& Hci Storage Node Subscribe
Zlib Subscribe	Zlib Subscribe

Configuration 1 [-]

cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:netapp:hci_h610s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_h610s:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:netapp:hci_h610c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_h610c:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:netapp:hci_h615c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_h615c:-:*:*:*:*:*:*:*

Configuration 5 [-]

OR	cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:::::::*
	cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:::::::*

Configuration 6 [-]

AND

OR	cpe:2.3:a:haxx:curl::::::::
	cpe:2.3:a:haxx:libcurl::::::::

cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2025-1837	When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2025/02/05/3
http://www.openwall.com/lists/oss-security/2025/02/06/2
http://www.openwall.com/lists/oss-security/2025/02/06/4
https://curl.se/docs/CVE-2025-0725.html
https://curl.se/docs/CVE-2025-0725.json
https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7
https://hackerone.com/reports/2956023
https://nvd.nist.gov/vuln/detail/CVE-2025-0725
https://security.netapp.com/advisory/ntap-20250306-0009/
https://www.cve.org/CVERecord?id=CVE-2025-0725

History

Wed, 16 Jul 2025 22:45:00 +0900

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00215}`	epss `{'score': 0.0023}`

Sat, 28 Jun 2025 04:45:00 +0900

Type	Values Removed	Values Added
First Time appeared		Zlib Zlib zlib
CPEs		cpe:2.3:a:zlib:zlib::::::::
Vendors & Products		Zlib Zlib zlib

Fri, 13 Jun 2025 01:30:00 +0900

Type	Values Removed	Values Added
References		https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7

Wed, 14 May 2025 04:00:00 +0900

Type	Values Removed	Values Added
First Time appeared		Haxx Haxx curl Haxx libcurl Netapp Netapp hci Baseboard Management Controller Netapp hci H610c Netapp hci H610c Firmware Netapp hci H610s Netapp hci H610s Firmware Netapp hci H615c Netapp hci H615c Firmware Netapp solidfire \& Hci Management Node Netapp solidfire \& Hci Storage Node
Weaknesses		CWE-120
CPEs		cpe:2.3:a:haxx:curl:::::::: cpe:2.3:a:haxx:libcurl:::::::: cpe:2.3:a:netapp:hci_baseboard_management_controller:-:::::::* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:::::::* cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:::::::* cpe:2.3:h:netapp:hci_h610c:-:::::::* cpe:2.3:h:netapp:hci_h610s:-:::::::* cpe:2.3:h:netapp:hci_h615c:-:::::::* cpe:2.3:o:netapp:hci_h610c_firmware:-:::::::* cpe:2.3:o:netapp:hci_h610s_firmware:-:::::::* cpe:2.3:o:netapp:hci_h615c_firmware:-:::::::*
Vendors & Products		Haxx Haxx curl Haxx libcurl Netapp Netapp hci Baseboard Management Controller Netapp hci H610c Netapp hci H610c Firmware Netapp hci H610s Netapp hci H610s Firmware Netapp hci H615c Netapp hci H615c Firmware Netapp solidfire \& Hci Management Node Netapp solidfire \& Hci Storage Node

Fri, 07 Mar 2025 10:30:00 +0900

Type	Values Removed	Values Added
References		https://security.netapp.com/advisory/ntap-20250306-0009/

Fri, 07 Feb 2025 23:30:00 +0900

Type	Values Removed	Values Added
Weaknesses		CWE-680
References		https://nvd.nist.gov/vuln/detail/CVE-2025-0725 https://www.cve.org/CVERecord?id=CVE-2025-0725
Metrics	threat_severity `None`	threat_severity `Low`

Fri, 07 Feb 2025 04:45:00 +0900

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/02/06/4

Thu, 06 Feb 2025 20:30:00 +0900

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/02/06/2

Thu, 06 Feb 2025 00:15:00 +0900

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 05 Feb 2025 20:45:00 +0900

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/02/05/3

Wed, 05 Feb 2025 18:30:00 +0900

Type	Values Removed	Values Added
Description		When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.
Title		gzip integer overflow
References		https://curl.se/docs/CVE-2025-0725.html https://curl.se/docs/CVE-2025-0725.json https://hackerone.com/reports/2956023

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: curl

Published: 2025-02-05T09:18:20.468Z

Updated: 2025-06-12T16:04:29.956Z

Reserved: 2025-01-27T04:58:09.514Z

Link: CVE-2025-0725

Vulnrichment

Updated: 2025-06-12T16:04:29.956Z

NVD

Status : Analyzed

Published: 2025-02-05T10:15:22.980

Modified: 2025-06-27T19:24:08.327

Link: CVE-2025-0725

Redhat

Severity : Low

Publid Date: 2025-02-05T09:18:20Z

Links: CVE-2025-0725 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Exploitation poc

Automatable yes

Technical Impact partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object