AZL-70046

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-70046.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-70046

Upstream

CVE-2025-59777

Published

2025-11-10T05:15:44Z

Modified

2026-04-21T04:36:17.751556Z

Summary

CVE-2025-59777 affecting package libmicrohttpd for versions less than 0.9.77-4

Details

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-59777

Affected packages

Azure Linux:3 / libmicrohttpd

Package

Name: libmicrohttpd
Purl: pkg:rpm/azure-linux/libmicrohttpd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.77-4

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-70046.json"