CVEFinder.io

CVE-2025-0167

ℹī¸ low
Summary

When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.

CVSS Score
3.4
Low
EPSS Score
0.2
Exploit Probability
Published Date
2025-02-05
First Seen: 2026-01-05
Last Modified 2025-07-30
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

🔗 References 5

https://curl.se/docs/CVE-2025-0167.html
Vendor Advisory
https://curl.se/docs/CVE-2025-0167.json
Vendor Advisory
https://hackerone.com/reports/2917232
Exploit Issue Tracking Third Party Advisory
https://security.netapp.com/advisory/ntap-20250306-0...
Third Party Advisory
https://curl.se/docs/CVE-2025-0167.html
Vendor Advisory

đŸ“Ļ Affected Products 16

Vendor Product Status Affected Versions
haxx curl Affected
≥ 7.76.0 < 8.12.0
netapp ontap_select_deploy_administration_utility Affected
v-
netapp element_software Affected
v-
netapp h610s_firmware Affected
v-
netapp solidfire_\&_hci_management_node Affected
v-
netapp h300s_firmware Affected
v-
netapp h410c_firmware Affected
v-
netapp h410s_firmware Affected
v-
netapp h500s_firmware Affected
v-
netapp h700s_firmware Affected
v-
netapp solidfire_\&_hci_storage_node Affected
v-
netapp h610c_firmware Affected
v-
netapp h615c_firmware Affected
v-
netapp ontap_tools Affected
v9
netapp bootstrap_os Affected
v-
netapp ontap Affected
v9

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-22050 đŸ”ļ medium 4.3 0.0 ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a ... 2026-01-12
CVE-2025-13034 đŸ”ļ medium 5.9 0.0 When using `CURLOPT_PINNEDPUBLICKEY` option with libcurl or `--pinnedpubkey` with the curl tool,curl should check the pu... 2026-01-08
CVE-2025-14017 đŸ”ļ medium 6.3 0.0 When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadver... 2026-01-08
CVE-2025-14524 đŸ”ļ medium 5.3 0.0 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-protocol redirect to a s... 2026-01-08
CVE-2025-14819 đŸ”ļ medium 5.3 0.0 When doing TLS related transfers with reused easy or multi handles and altering the `CURLSSLOPT_NO_PARTIALCHAIN` option... 2026-01-08
CVE-2025-15079 đŸ”ļ medium 5.3 0.0 When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenl... 2026-01-08
These CVEs affect the same products