Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-0725

Опубликовано: 05 фев. 2025
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS3: 7.3

Описание

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

РелизСтатусПримечание
devel

not-affected

only with old zlib
esm-infra-legacy/trusty

not-affected

only with old zlib
esm-infra/bionic

not-affected

only with old zlib
esm-infra/focal

not-affected

only with old zlib
esm-infra/xenial

not-affected

only with old zlib
focal

not-affected

only with old zlib
jammy

not-affected

only with old zlib
noble

not-affected

only with old zlib
oracular

not-affected

only with old zlib
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 74%
0.00917
Низкий

7.3 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-0725

CVSS3: 4
redhat
10 месяцев назад

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

nvd логотип

CVE-2025-0725

CVSS3: 7.3
nvd
10 месяцев назад

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

msrc логотип

CVE-2025-0725

CVSS3: 7.3
msrc
9 месяцев назад

Описание отсутствует

debian логотип

CVE-2025-0725

CVSS3: 7.3
debian
10 месяцев назад

When libcurl is asked to perform automatic gzip decompression of conte ...

github логотип

GHSA-vvqh-cqpj-5537

CVSS3: 7.3
github
10 месяцев назад

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option, **using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would make libcurl perform a buffer overflow.

EPSS

Процентиль: 74%
0.00917
Низкий

7.3 High

CVSS3