CVE-2025-32907

Опубликовано: 14 апр. 2025

Источник: ubuntu

Приоритет: medium

CVSS3: 5.3

Описание

A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a full denial of service.

Релиз	Статус	Примечание
devel	released	2.74.3-10.1ubuntu4
esm-infra/bionic	released	2.62.1-1ubuntu0.4+esm6
esm-infra/focal	released	2.70.0-1ubuntu0.5+esm1
esm-infra/xenial	released	2.52.2-1ubuntu0.3+esm5
focal	ignored	end of standard support, was needs-triage
jammy	released	2.74.2-3ubuntu0.6
noble	released	2.74.3-6ubuntu1.6
oracular	ignored	end of life, was needs-triage
plucky	released	2.74.3-10ubuntu0.4
questing	released	2.74.3-10.1ubuntu4

Показывать по

Релиз	Статус	Примечание
devel	released	3.6.5-3
esm-apps/jammy	released	3.0.7-0ubuntu1+esm5
esm-infra/focal	DNE
focal	DNE
jammy	needed
noble	released	3.4.4-5ubuntu0.5
oracular	ignored	end of life, was needs-triage
plucky	released	3.6.5-1ubuntu0.2
questing	released	3.6.5-3
upstream	released	3.6.4

Показывать по

Ссылки на источники

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2025-32907

CVSS3: 5.3

redhat

7 месяцев назад

CVE-2025-32907

CVSS3: 5.3

nvd

7 месяцев назад

CVE-2025-32907

CVSS3: 5.3

msrc

4 месяца назад

Описание отсутствует

CVE-2025-32907

CVSS3: 5.3

debian

7 месяцев назад

A flaw was found in libsoup. The implementation of HTTP range requests ...

GHSA-7wfq-7p2f-6344

CVSS3: 7.5

github

7 месяцев назад

5.3 Medium

CVSS3

CVE-2025-32907

Описание

Пакет libsoup2.4

Пакет libsoup3

Ссылки на источники

Связанные уязвимости