Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-8197

Опубликовано: 25 июл. 2025
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The soup_header_name_to_string function does not validate the name parameter passed in, and directly accesses soup_header_name_strings[name]. The value of name is controllable, when name exceeds the index range of soup_headr_name_string, it will cause an out-of-bounds access.

Меры по смягчению последствий

Currently, no mitigation is available for this vulnerability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10libsoup3Fix deferred
Red Hat Enterprise Linux 6libsoupOut of support scope
Red Hat Enterprise Linux 7libsoupOut of support scope
Red Hat Enterprise Linux 8libsoupFix deferred
Red Hat Enterprise Linux 9libsoupFix deferred

Показывать по

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-787

EPSS

Процентиль: 2%
0.00014
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVSS3: 5.5
ubuntu
9 дней назад

A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and directly accesses `soup_header_name_strings[name]`. The value of `name` is controllable, when `name` exceeds the index range of `soup_headr_name_string`, it will cause an out-of-bounds access.

CVSS3: 5.5
nvd
9 дней назад

A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and directly accesses `soup_header_name_strings[name]`. The value of `name` is controllable, when `name` exceeds the index range of `soup_headr_name_string`, it will cause an out-of-bounds access.

CVSS3: 5.5
debian
9 дней назад

A global buffer overflow vulnerability was found in the soup_header_na ...

CVSS3: 5.5
github
9 дней назад

A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and directly accesses `soup_header_name_strings[name]`. The value of `name` is controllable, when `name` exceeds the index range of `soup_headr_name_string`, it will cause an out-of-bounds access.

EPSS

Процентиль: 2%
0.00014
Низкий

5.5 Medium

CVSS3