CVE-2025-32049

Опубликовано: 03 апр. 2025

Источник: debian

EPSS Низкий

Описание

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).

Пакеты

Пакет	Статус	Релиз	Тип
libsoup3	unfixed		package
libsoup3	no-dsa	trixie	package
libsoup3	no-dsa	bookworm	package
libsoup2.4	unfixed		package
libsoup2.4	no-dsa	trixie	package
libsoup2.4	no-dsa	bookworm	package

Примечания

https://gitlab.gnome.org/GNOME/libsoup/-/issues/390
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/408
Proposed fix adds an option with the default retaining old behaviour:
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/408#note_2394070

EPSS

Процентиль: 62%

0.0043

Низкий

Связанные уязвимости

CVE-2025-32049

CVSS3: 7.5

ubuntu

7 месяцев назад

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).

CVE-2025-32049

CVSS3: 7.5

redhat

7 месяцев назад

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).

CVE-2025-32049

CVSS3: 7.5

nvd

7 месяцев назад

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).

CVE-2025-32049

msrc

2 месяца назад

Libsoup: denial of service attack to websocket server

GHSA-fqvp-p5gx-qqhg

CVSS3: 7.5

github

7 месяцев назад

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).

EPSS

Процентиль: 62%

0.0043

Низкий