CVE-2025-32909

Опубликовано: 14 апр. 2025

Источник: debian

EPSS Низкий

Описание

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libsoup3	fixed	3.6.4-1		package
libsoup3	fixed	3.2.3-0+deb12u1	bookworm	package
libsoup2.4	fixed	2.74.3-10.1		package
libsoup2.4	no-dsa		bookworm	package

Примечания

https://gitlab.gnome.org/GNOME/libsoup/-/issues/431
Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/ba4c3a6f988beff59e45801ab36067293d24ce92 (3.6.2)

EPSS

Процентиль: 17%

0.00055

Низкий

Связанные уязвимости

CVE-2025-32909

CVSS3: 5.3

ubuntu

5 месяцев назад

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.

CVE-2025-32909

CVSS3: 5.3

redhat

5 месяцев назад

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.

CVE-2025-32909

CVSS3: 5.3

nvd

5 месяцев назад

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.

CVE-2025-32909

CVSS3: 5.3

msrc

5 месяцев назад

Описание отсутствует

GHSA-wcmh-fj7m-gv6r

CVSS3: 5.3

github

5 месяцев назад

A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.

EPSS

Процентиль: 17%

0.00055

Низкий