Vulnerabilities

CVE-2025-0725

by Fred · 05/02/2025

When libcurl is asked to perform automatic gzip decompression of
content-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,
**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would
make libcurl perform a buffer overflow.

More information : http://www.openwall.com/lists/oss-security/2025/02/05/3

Similar

Tags: Cybersecurity Alert