CVE-2025-32912

Опубликовано: 14 апр. 2025

Источник: redhat

CVSS3: 6.5

EPSS Низкий

Описание

A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.

Меры по смягчению последствий

Currently, no mitigation is available for this vulnerability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libsoup	Out of support scope
Red Hat Enterprise Linux 7	libsoup	Out of support scope
Red Hat Enterprise Linux 8	libsoup	Affected
Red Hat Enterprise Linux 9	libsoup	Will not fix
Red Hat Enterprise Linux 10	libsoup3	Fixed	RHSA-2025:7505	13.05.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=2359356libsoup: NULL pointer dereference in client when server omits the "nonce" parameter in an Unauthorized response with Digest authentication

EPSS

Процентиль: 14%

0.00047

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2025-32912

CVSS3: 6.5

ubuntu

2 месяца назад

A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.

CVE-2025-32912

CVSS3: 6.5

nvd

2 месяца назад

A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.

CVE-2025-32912

CVSS3: 6.5

msrc

около 2 месяцев назад

Описание отсутствует

CVE-2025-32912

CVSS3: 6.5

debian

2 месяца назад

A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a N ...

GHSA-hhmv-6rqc-qrc8

CVSS3: 6.5

github

2 месяца назад

A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.

EPSS

Процентиль: 14%

0.00047

Низкий

6.5 Medium

CVSS3