CVE-2025-0725

High CVSS: 7.3

When libcurl is asked to perform automatic gzip decompression of
content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,
**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would
make libcurl perform a buffer overflow.

Vendor

Netapp

Product

Hci Baseboard Management Controller

CWE

CWE-120

Yayın Tarihi

2025-02-05 10:15:22

Güncelleme

2025-06-27 19:24:08

Source Identifier

2499f714-1537-4658-8207-48ae4bb9eae9

KEV Date Added

Kategoriler

CWE-120 Hci Baseboard Management Controller HIGH Netapp 2025

Referanslar

https://curl.se/docs/CVE-2025-0725.html https://curl.se/docs/CVE-2025-0725.json https://hackerone.com/reports/2956023 http://www.openwall.com/lists/oss-security/2025/02/05/3 http://www.openwall.com/lists/oss-security/2025/02/06/2 http://www.openwall.com/lists/oss-security/2025/02/06/4 https://github.com/curl/curl/commit/76f83f0db23846e254d940ec7 https://security.netapp.com/advisory/ntap-20250306-0009/

Benzer Kayıtlar

Medium

CVE-2026-22052

ONTAP versions 9.12.1 and higher with S3 NAS buckets are susceptible to an information disclosure vulnerability. Success…

Medium

CVE-2026-22050

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a…

Medium

CVE-2025-26514

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Reflected Cr…

High

CVE-2025-26515

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 without Single Sign-on enabled ar…

Medium

CVE-2025-26516

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Se…

Medium

CVE-2025-26517

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a privilege es…