[Buildroot] [PATCH] package/civetweb: add patch for CVE-2025-55763
Julien Olivain
ju.o at free.fr
Thu Sep 18 19:34:34 UTC 2025
On 18/09/2025 08:51, Thomas Perale via buildroot wrote:
> This fixes the following vulnerability:
>
> - CVE-2025-55763
>
> Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16
> (latest)
> allows a remote attacker to achieve remote code execution via a crafted
> HTTP request. This vulnerability is triggered during request processing
> and may allow an attacker to corrupt heap memory, potentially leading
> to
> denial of service or arbitrary code execution.
>
> For more information, see:
> - https://nvd.nist.gov//vuln/detail/CVE-2025-55763
> -
> https://github.com/civetweb/civetweb/commit/76e222bcb77ba8452e5da4e82ae6cecd499c25e0
>
> Signed-off-by: Thomas Perale <thomas.perale at mind.be>
Applied to master, thanks.
More information about the buildroot
mailing list