CVE-2025-46420

Опубликовано: 24 апр. 2025

Источник: debian

EPSS Низкий

Описание

A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libsoup3	fixed	3.6.4-1		package
libsoup3	no-dsa		bookworm	package
libsoup2.4	fixed	2.74.3-10.1		package
libsoup2.4	no-dsa		bookworm	package

Примечания

https://gitlab.gnome.org/GNOME/libsoup/-/issues/438
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/421
Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/c9083869ec2a3037e6df4bd86b45c419ba295f8e (3.6.2)

EPSS

Процентиль: 29%

0.00101

Низкий

Связанные уязвимости

CVE-2025-46420

CVSS3: 6.5

ubuntu

около 2 месяцев назад

A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.

CVE-2025-46420

CVSS3: 6.5

redhat

около 2 месяцев назад

A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.

CVE-2025-46420

CVSS3: 6.5

nvd

около 2 месяцев назад

A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.

CVE-2025-46420

CVSS3: 6.5

msrc

около 1 месяца назад

Описание отсутствует

ROS-20250526-08

CVSS3: 6.5

redos

24 дня назад

Уязвимость libsoup

EPSS

Процентиль: 29%

0.00101

Низкий