Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-32913

Опубликовано: 14 апр. 2025
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.

Меры по смягчению последствий

Currently, no mitigation is available for this vulnerability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10libsoup3Not affected
Red Hat Enterprise Linux 6libsoupOut of support scope
Red Hat Enterprise Linux 7libsoupAffected
Red Hat Enterprise Linux 8libsoupFixedRHSA-2025:456006.05.2025
Red Hat Enterprise Linux 8mingw-freetypeFixedRHSA-2025:829229.05.2025
Red Hat Enterprise Linux 8spice-client-winFixedRHSA-2025:829229.05.2025
Red Hat Enterprise Linux 8libsoupFixedRHSA-2025:456006.05.2025
Red Hat Enterprise Linux 8.2 Advanced Update SupportlibsoupFixedRHSA-2025:453806.05.2025
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportlibsoupFixedRHSA-2025:460907.05.2025
Red Hat Enterprise Linux 8.4 Telecommunications Update ServicelibsoupFixedRHSA-2025:460907.05.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=2359357libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header

EPSS

Процентиль: 34%
0.00132
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-32913

CVSS3: 7.5
ubuntu
2 месяца назад

A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.

nvd логотип

CVE-2025-32913

CVSS3: 7.5
nvd
2 месяца назад

A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.

msrc логотип

CVE-2025-32913

CVSS3: 7.5
msrc
около 2 месяцев назад

Описание отсутствует

debian логотип

CVE-2025-32913

CVSS3: 7.5
debian
2 месяца назад

A flaw was found in libsoup, where the soup_message_headers_get_conten ...

github логотип

GHSA-9589-mpwg-8xq6

CVSS3: 7.5
github
2 месяца назад

A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.

EPSS

Процентиль: 34%
0.00132
Низкий

7.5 High

CVSS3