CVE-2025-32910

Опубликовано: 14 апр. 2025

Источник: debian

EPSS Низкий

Описание

A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libsoup3	fixed	3.6.4-1		package
libsoup3	no-dsa		bookworm	package
libsoup2.4	fixed	2.74.3-10.1		package
libsoup2.4	no-dsa		bookworm	package

Примечания

https://gitlab.gnome.org/GNOME/libsoup/-/issues/432
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/417
Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/ea16eeacb052e423eb5c3b0b705e5eab34b13832 (3.6.2)

EPSS

Процентиль: 14%

0.00047

Низкий

Связанные уязвимости

CVE-2025-32910

CVSS3: 6.5

ubuntu

2 месяца назад

A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.

CVE-2025-32910

CVSS3: 6.5

redhat

2 месяца назад

A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.

CVE-2025-32910

CVSS3: 6.5

nvd

2 месяца назад

A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.

CVE-2025-32910

CVSS3: 6.5

msrc

около 2 месяцев назад

Описание отсутствует

GHSA-65wf-c9wx-f4v7

CVSS3: 6.5

github

2 месяца назад

A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.

EPSS

Процентиль: 14%

0.00047

Низкий