2391825 – (CVE-2025-55763) CVE-2025-55763 civetweb: CivetWeb buffer overflow

Bug 2391825 (CVE-2025-55763) - CVE-2025-55763 civetweb: CivetWeb buffer overflow

Summary: CVE-2025-55763 civetweb: CivetWeb buffer overflow

Keywords:
Status:	NEW
Alias:	CVE-2025-55763
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2391888 2391889 2391890 2391891 2391892
Blocks:
TreeView+	depends on / blocked

Reported:	2025-08-29 17:01 UTC by OSIDB Bzimport
Modified:	2025-09-02 14:21 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-08-29 17:01:19 UTC

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution.

Note You need to log in before you can comment on or make changes to this bug.