PatchSiren cyber security CVE debrief

CVE-2025-0167 cPanel CVE debrief

cPanel’s EasyApache 4 25.5 release is a vendor-official security update that references CVE-2025-0167 alongside other CVEs. The supplied source confirms remediation was delivered through updated EasyApache 4 packages, but it does not provide the underlying vulnerability details or clearly map this CVE to a specific component in the excerpt provided.

Vendor: cPanel
Product: cPanel/WHM
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-02-05
Original CVE updated: 2025-03-07
Advisory published: Unknown
Advisory updated: Unknown

Who should care

cPanel/WHM administrators and hosting operators using EasyApache 4, especially on systems that rely on the updated runtime and web stack packages included in the release.

Technical summary

The vendor release note for EasyApache 4 25.5 states that updated packages were published for NodeJS 20, NodeJS 22, SourceGuardian, Passenger, Memcached 1.6, and security updates for libcurl, Tomcat 10.1, and NGINX. The note explicitly lists CVE-2025-0167 among the CVEs addressed, but the provided corpus does not identify which package is associated with this CVE or describe the flaw class, impact, or exploitation conditions.

Defensive priority

Medium-High

Recommended defensive actions

  • Apply the EasyApache 4 25.5 updates through the vendor-supported cPanel/WHM update path.
  • Confirm whether your systems use any of the packages named in the release note, especially libcurl, Tomcat 10.1, or NGINX.
  • Review the full EasyApache 4 change log and related cPanel release notes for package-level remediation details.
  • Prioritize updates on internet-facing hosting and application servers that expose the affected EasyApache-managed components.
  • Validate deployment after patching to ensure web applications and services continue to function as expected.

Evidence notes

Evidence is limited to the vendor-official EasyApache 4 25.5 release note and the linked official CVE record. The supplied source excerpt confirms that CVE-2025-0167 was addressed in this release, but it does not include a CVSS score, published/modified dates, exploit details, or a component-specific root cause for this CVE. No unsupported timing or impact claims are included.

Official resources

The vendor source identifies CVE-2025-0167 as addressed in EasyApache 4 25.5, but the provided excerpt does not specify the vulnerable component or technical impact. Treat this as a confirmed vendor remediation notice, not a complete root-c