Advisory ROSA-SA-2025-2945

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-3 affected versions curl-8.7.1-3 CVE-ID: CVE-2025-0725 BDU-ID: 2025-01585 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the gzipdowrite function of the zlib compression library of the cURL command line utility is related to...

PT-2024-7663 · Curl +9 · Curl +9

Name of the Vulnerable Software and Affected Versions: curl versions prior to 8.10.1 Description: The issue is related to the implementation of the HSTS HTTP Strict Transport Security mechanism in the curl utility. When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a...

PT-2019-6378 · Curl +1 · Curl +1

Name of the Vulnerable Software and Affected Versions: curl version 7.65.2 Description: The issue is related to an integer overflow vulnerability in the tool operate.c file of curl, which can occur when a large value is specified as the retry delay. This may cause a denial of service to associate...