Описание
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
Отчет
Red Hat rates this with a Moderate impact as the flaw may be targeting Confidentiality and Integrity specific to each request.
Меры по смягчению последствий
Currently no mitigation is available for this vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libsoup | Out of support scope | ||
| Red Hat Enterprise Linux 10 | libsoup3 | Fixed | RHSA-2025:7505 | 13.05.2025 |
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | libsoup | Fixed | RHSA-2025:9179 | 17.06.2025 |
| Red Hat Enterprise Linux 8 | libsoup | Fixed | RHSA-2025:8132 | 26.05.2025 |
| Red Hat Enterprise Linux 8 | libsoup | Fixed | RHSA-2025:8132 | 26.05.2025 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | libsoup | Fixed | RHSA-2025:8480 | 04.06.2025 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | libsoup | Fixed | RHSA-2025:8663 | 09.06.2025 |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | libsoup | Fixed | RHSA-2025:8482 | 04.06.2025 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | libsoup | Fixed | RHSA-2025:8482 | 04.06.2025 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | libsoup | Fixed | RHSA-2025:8482 | 04.06.2025 |
Показывать по
Дополнительная информация
Статус:
7 High
CVSS3
Связанные уязвимости
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
A flaw was found in libsoup. The package is vulnerable to a heap buffe ...
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
7 High
CVSS3