Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-32908

Опубликовано: 14 апр. 2025
Источник: debian
EPSS Низкий

Описание

A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libsoup3fixed3.6.5-2package
libsoup3no-dsabookwormpackage
libsoup2.4not-affectedpackage

Примечания

  • https://gitlab.gnome.org/GNOME/libsoup/-/issues/429

  • https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/451

  • Introduced after: https://gitlab.gnome.org/GNOME/libsoup/-/commit/5fb25e7810498170dd3458c9509035cef945e299 (3.1.2)

  • https://gitlab.gnome.org/GNOME/libsoup/-/commit/a792b23ab87cacbf4dd9462bf7b675fa678efbae

EPSS

Процентиль: 27%
0.00094
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-32908

CVSS3: 7.5
ubuntu
7 месяцев назад

A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).

redhat логотип

CVE-2025-32908

CVSS3: 7.5
redhat
7 месяцев назад

A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).

nvd логотип

CVE-2025-32908

CVSS3: 7.5
nvd
7 месяцев назад

A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).

msrc логотип

CVE-2025-32908

CVSS3: 7.5
msrc
6 месяцев назад

Libsoup: denial of service on libsoup through http/2 server

github логотип

GHSA-7hqq-7crg-xr49

CVSS3: 7.5
github
7 месяцев назад

A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).

EPSS

Процентиль: 27%
0.00094
Низкий