AZL-70049

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-70049.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-70049

Upstream

CVE-2025-62689

Published

2025-11-10T05:15:49Z

Modified

2026-04-21T04:36:18.299722Z

Summary

CVE-2025-62689 affecting package libmicrohttpd for versions less than 0.9.77-4

Details

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-62689

Affected packages

Azure Linux:3 / libmicrohttpd

Package

Name: libmicrohttpd
Purl: pkg:rpm/azure-linux/libmicrohttpd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.77-4

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-70049.json"