CVE-2025-2720

CVE-2025-2720 is a security vulnerability that is still awaiting full analysis and scoring.

Key facts

Description

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: According to the code maintainer the call of the POC is invalid because the buffer pointed to by "data" must have "len" valid bytes. The docs were updated to make that clear.

Frequently asked questions

What is CVE-2025-2720?
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: According to the code maintainer the call of the POC is invalid because the buffer pointed to by "data" must have "len" valid bytes. The docs were updated to make that clear.
Is CVE-2025-2720 being actively exploited?
It is not currently listed in CISA's Known Exploited Vulnerabilities catalog, and no EPSS exploit-prediction score is available yet.
How do I fix CVE-2025-2720?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
Does CVE-2025-2720 have an EU (EUVD) identifier?
Yes. CVE-2025-2720 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-8038.
When was CVE-2025-2720 published?
CVE-2025-2720 was published on 2025-03-25 and last updated on 2025-03-27.