{"id":"CURL-CVE-2025-0725","summary":"gzip integer overflow","details":"When libcurl is asked to perform automatic gzip decompression of\ncontent-encoded HTTP responses with the `CURLOPT_ACCEPT_ENCODING` option,\n**using zlib 1.2.0.3 or older**, an attacker-controlled integer overflow would\nmake libcurl perform a buffer overflow.","aliases":["CVE-2025-0725"],"modified":"2025-05-15T17:48:29Z","published":"2025-02-05T08:00:00Z","database_specific":{"issue":"https://hackerone.com/reports/2956023","last_affected":"8.11.1","affects":"both","award":{"amount":"505","currency":"USD"},"CWE":{"desc":"Integer Overflow to Buffer Overflow","id":"CWE-680"},"package":"curl","severity":"Low","URL":"https://curl.se/docs/CVE-2025-0725.json","www":"https://curl.se/docs/CVE-2025-0725.html"},"affected":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"7.10.5"},{"fixed":"8.12.0"}]},{"type":"GIT","repo":"https://github.com/curl/curl.git","events":[{"introduced":"019c4088cfcca0d2b7c5cc4f52ca5dac0c616089"},{"fixed":"76f83f0db23846e254d940ec7fe141010077eb88"}]}],"versions":["8.11.1","8.11.0","8.10.1","8.10.0","8.9.1","8.9.0","8.8.0","8.7.1","8.7.0","8.6.0","8.5.0","8.4.0","8.3.0","8.2.1","8.2.0","8.1.2","8.1.1","8.1.0","8.0.1","8.0.0","7.88.1","7.88.0","7.87.0","7.86.0","7.85.0","7.84.0","7.83.1","7.83.0","7.82.0","7.81.0","7.80.0","7.79.1","7.79.0","7.78.0","7.77.0","7.76.1","7.76.0","7.75.0","7.74.0","7.73.0","7.72.0","7.71.1","7.71.0","7.70.0","7.69.1","7.69.0","7.68.0","7.67.0","7.66.0","7.65.3","7.65.2","7.65.1","7.65.0","7.64.1","7.64.0","7.63.0","7.62.0","7.61.1","7.61.0","7.60.0","7.59.0","7.58.0","7.57.0","7.56.1","7.56.0","7.55.1","7.55.0","7.54.1","7.54.0","7.53.1","7.53.0","7.52.1","7.52.0","7.51.0","7.50.3","7.50.2","7.50.1","7.50.0","7.49.1","7.49.0","7.48.0","7.47.1","7.47.0","7.46.0","7.45.0","7.44.0","7.43.0","7.42.1","7.42.0","7.41.0","7.40.0","7.39.0","7.38.0","7.37.1","7.37.0","7.36.0","7.35.0","7.34.0","7.33.0","7.32.0","7.31.0","7.30.0","7.29.0","7.28.1","7.28.0","7.27.0","7.26.0","7.25.0","7.24.0","7.23.1","7.23.0","7.22.0","7.21.7","7.21.6","7.21.5","7.21.4","7.21.3","7.21.2","7.21.1","7.21.0","7.20.1","7.20.0","7.19.7","7.19.6","7.19.5","7.19.4","7.19.3","7.19.2","7.19.1","7.19.0","7.18.2","7.18.1","7.18.0","7.17.1","7.17.0","7.16.4","7.16.3","7.16.2","7.16.1","7.16.0","7.15.5","7.15.4","7.15.3","7.15.2","7.15.1","7.15.0","7.14.1","7.14.0","7.13.2","7.13.1","7.13.0","7.12.3","7.12.2","7.12.1","7.12.0","7.11.2","7.11.1","7.11.0","7.10.8","7.10.7","7.10.6","7.10.5"],"database_specific":{"vanir_signatures":[{"signature_type":"Function","deprecated":false,"id":"CURL-CVE-2025-0725-20f25f3a","source":"https://github.com/curl/curl.git/commit/76f83f0db23846e254d940ec7fe141010077eb88","target":{"file":"lib/content_encoding.c","function":"inflate_stream"},"digest":{"function_hash":"252364363294404715169109774035698948412","length":1831},"signature_version":"v1"},{"signature_type":"Function","deprecated":false,"id":"CURL-CVE-2025-0725-31a3c906","source":"https://github.com/curl/curl.git/commit/76f83f0db23846e254d940ec7fe141010077eb88","target":{"file":"lib/content_encoding.c","function":"gzip_do_write"},"digest":{"function_hash":"168896525302313406955222363662775095115","length":2508},"signature_version":"v1"},{"signature_type":"Function","deprecated":false,"id":"CURL-CVE-2025-0725-6158cded","source":"https://github.com/curl/curl.git/commit/76f83f0db23846e254d940ec7fe141010077eb88","target":{"file":"lib/content_encoding.c","function":"exit_zlib"},"digest":{"function_hash":"39270826339358882097054429076533369140","length":321},"signature_version":"v1"},{"signature_type":"Line","deprecated":false,"id":"CURL-CVE-2025-0725-c0b2ea96","source":"https://github.com/curl/curl.git/commit/76f83f0db23846e254d940ec7fe141010077eb88","target":{"file":"lib/content_encoding.c"},"digest":{"threshold":0.9,"line_hashes":["236267754694929501289564233082484222535","200696040692585403463439648895738753277","60845894295249300402371045709620699377","49972178874211801374787148175546180425","332591838543987166302839304162400862391","252835086527088184238608694584395463981","150675840616827511347869750147814771041","169522821797905292877675033744958828150","255048255832752320810687486827855982365","243064649949310788639829907233668932263","262949474071388489074653901127335294314","142680660897505406119653164609845491131","258744751755131181847296954295978072175","285145921178689077096206622165971766356","54260717971468768391514104508289882768","83299861369074052167407658064825942617","290501165083930570811544388178240186120","171146809897662422235138658846044881547","111532339163838739228027269074809338149","133986260147025877695246955263556851430","79778487104088533471626716341671516918","79232803291523634185547004210713396382","47512427426396239207135845579999753021","59279512616010374048775455161553628332","25462950861779172133609096941785325693","55588269951698804035036250091738429999","308997124565048775352450568771463917360","14274463666056009475211965315484736368","23367459784173241710728089041190177909","171421371697845923045155032808911954989","196779091870229077775100653603798267470","208005235792818465421401665831451139006","168727415830411617973842606409357158641","4464433991657045536630301711595355372","73743444074869324007513140434869402213","308997124565048775352450568771463917360","336531525996526569405359685498559718500","227654660124485990756150548711814054529","253482869664458950024146503402998211399","308997124565048775352450568771463917360","4637304696829473745731483115932530042","273608780212891723560280990805183936379","298340769877337009123010130136598424460","241056939890786628311726076122814843805","269776496286142667248742657670719663455","283827025877672519867439557547548664072","44026585785291848137931160395668104651","298035016632958506530008887050787029457","179253028203005606450850482014941584379","320909780808768762655797412387325648436","33716925131395923657980057616469280176","77263977023929041214670809652224402515","166743086906080346890141375155257338112","50905036539421745670809468151358497325","330274166216853328499444679660433240845","89739933738744894109494174529980256136","182502074644650052463446947411778538754","93592793097236037293292982748981774683","196372204882323266918837847945501227353","305140416614703626241976798892629740960","212306351164119945491220699381546529770","239328964480046242828221115292147664877","114037986862393577579712633918358618112","8679681849642930941602567215646523095","15974378803851764706086434385605121875","24444470476557735520898969983077240219","90163499340837882526915499902962836498","250025155322386603844828393115985918400","249768858836638634473597424571759697840","283541733094945914694664865635271252196","336265303408439515520468647346382393417","317686595998715713887384291854606929635","77942386541142843830078598505182519310","309814786663138929900396399295725236913","8152716221971367849707776483654413278","21494557680306636597921720074740363341","172028302927689502663839659749130028218","101446236223729195492113368852196105210","60148371805731193343247960618408591722","316020079801317962272398955066215369219","85345941698134536465229620231148564119","126500032900639235704705336621037570384","34192562607628835983918845600422069149","79111525736007142220332635975143825687","29584440882749068432895499242805872007","206881962961967076303198574513832693527","209999717941643035500483095749875962474","83391225412104349660889755633194069561","93505123976059129165021700620285628411","278648989659512964258254781929117660466","2822162873325789052709085466408273730","34845579044282412955163118703798558580","201012440583401477994956852219784653741","85268009813711932243902851412720131192","127910799686446251573032714796141972461","317915112987228983872984951541524076517","119595734250822418082916335346187764783","280344511622321411695542974513683595619","275192099548447832383800525090673748096","60059610764973870169843246002943218277","49844391517794685838076835267481242019","76341804671509269910631398806997431939","199877962925703450942246389708950545239","85268009813711932243902851412720131192","127910799686446251573032714796141972461","317915112987228983872984951541524076517","119595734250822418082916335346187764783","248011505254492228778879518783186899294","208396123633197538896909917404951483627","195794326641101915051733163022874743997","314767588845823051847009760232725004522","184304449333469176190818985933019527826","169204796304043744921613953130373325715","262577981016962832592580604281587179665","198724730918162650849259887148670910341","31600479885629917681626731910596127498","85051793500418472908116474791897279783","245245845117166595092519527316077913334","311579263449387856925089991404688774732","311013711066919953352147146160440830125","267581160311557490293215877340505884398","196779091870229077775100653603798267470","208005235792818465421401665831451139006","214469634834500897493148843523155348052","37514254385979372422104098776428747166","188613781260395865865465914202813350268","40016174350011050766946705201035269003","57368313449350010642948067202768471960","201004219110027551966071744104034823360","94187638178765553280639833404371787606","141081130155880146015086630255008635172","60010445593249155460334656908969812489","206539317268171235000760493808962522998","129391234846296386766272697238756979512","80782673127105910294022016644134935760","319093107105222570932656523338079300327","210371439450095273358593055843972334180","267256813811325853352529219627528472068","330860602155362680996971183021243869060","293799400885914990942080900360913144046","43869490619389589921175331977116897066","61356075616806396292413926384617917742","74842490961057145256799337896783078964","328245447078167101847233272789792737501","18116462552618615242605653401364141834","100501257918915584660699944308255579692","327894646208571085849219973959674599719","30002925672724963048063077990796803845","42964112585579739935707917933656283945","156729127667338416760818598748343579805","144864279328727344910500455448198287068","10721190753707158039402289330603035602","146208844262340086085843262833750691633","76374792724000501132491222808241471575","80451287157992390641788784020711712689","304732533880544484208827857510733455194","137762106264604372593914326701384906578","248156365991301101258521767655633637679","281040131363539445390818274751077887867","56584674604176881024831371197822542578","7329500564522132839419928820917396960","252960527167273387230615833891466000995","156002069392051010631138090419018065220","152582682308984367630252827853425179834","150267385668886945766754295965847178961","81270905825578530242280567770930209253","310735231476616876965859781518101611377","168035290037392036861492980660334005806","278405524611047889254019076311422718571","51033934948083726933780641952645731556","250688823634730716274109548382351324467","30002925672724963048063077990796803845","42964112585579739935707917933656283945","156729127667338416760818598748343579805","144864279328727344910500455448198287068","149071325462575329583775047342511369972","215219083654422198058300820152706786345","73706643008637269101124940991724805815","72088545109763230353717860143557421951","72572616018804265123169302639266928010","119850380773717683120406962859617301900","31450803300969957023384347945028616413","206078285543893404992214366511506824124","32923041438227450571304596763095457391","92245580969678910181058986961529257261","107101177658079355183859586218533752091","213357168893883325696791598583082674964","229019996258154893802406786380187371856","266357248971703037204001536401780769275","156943364051037789263876098960703768728","152731791182433545239782291924439819713","197365771650009385424052632898155552042","114461012368112818405289261758762161889","313461793542350583050908605065492755931","146401967725097150205042937443749409725","79406270927398197351271364630377606616","156183579009787260663211731452429713918","68929432369241408654439393460445668304","146434907016031812504924957374637387162","146834367987584407296889826374891970580","91491274425299633919141859044617704757","148483969151447462151054098771530200155","65380433739681660552095601077876956012","181822593914963426685548723461750091751","206272720721570774349595818437306400840","277116073668830807790703137640981885577","96984690232669854817004031152219246798","48015271189669931980916543795582656621","287571988745486666996808397449383351893","92142914419499787559546965837015440187","111421853253437495894245035526378283048","9355466837878927354551456712365860100","277192501119569551604527538813509797924","271184807053033304599151420766322457616","79140427521286862371788453161376059963","86870180202957864501521906460056784790","3807190962590693336437008127375591664","18651509573646673155299879642865346093","252015391942232771733368695419452225080","228982040719140391998927396052301756874","39369812834149534908745480067625741637","169426448813005951503957580966628933757","81495390229592012098768500501090135944","15509920279985516784997386449134690393","260262144771831548429231130322407729987","97895547482358327870420859977110731244","145471985900961916163149108452312206093","310653664690870263301232109867576338390","275308619706479456751112711373693799257","67529825641641062587593495742467212334","125671071167602083986930695528365362233","329730422179338294745041799724506890756","210074421598555571561769062377178951306","297836367681778046423847541972215849969","301417627224177005705664803414008234596","323794689037889794160483784180959598984","295184498559071815422703323573648094678"]},"signature_version":"v1"},{"signature_type":"Function","deprecated":false,"id":"CURL-CVE-2025-0725-d2c62d40","source":"https://github.com/curl/curl.git/commit/76f83f0db23846e254d940ec7fe141010077eb88","target":{"file":"lib/content_encoding.c","function":"gzip_do_init"},"digest":{"function_hash":"146684915780853530827077285482076992378","length":539},"signature_version":"v1"},{"signature_type":"Function","deprecated":false,"id":"CURL-CVE-2025-0725-fe19df11","source":"https://github.com/curl/curl.git/commit/76f83f0db23846e254d940ec7fe141010077eb88","target":{"file":"lib/content_encoding.c","function":"check_gzip_header"},"digest":{"function_hash":"162560073504462763242766379276408733327","length":1112},"signature_version":"v1"}],"source":"https://curl.se/docs/CURL-CVE-2025-0725.json"}}],"schema_version":"1.7.3","credits":[{"name":"z2_","type":"FINDER"},{"name":"Daniel Stenberg","type":"REMEDIATION_DEVELOPER"}]}