CVE-2025-32911

Опубликовано: 15 апр. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 9

Описание

A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.

Релиз	Статус	Примечание
devel	not-affected	2.74.3-10.1
esm-infra/bionic	released	2.62.1-1ubuntu0.4+esm2
esm-infra/focal	released	2.70.0-1ubuntu0.3
esm-infra/xenial	released	2.52.2-1ubuntu0.3+esm1
focal	released	2.70.0-1ubuntu0.3
jammy	released	2.74.2-3ubuntu0.3
noble	released	2.74.3-6ubuntu1.3
oracular	released	2.74.3-7ubuntu0.3
plucky	released	2.74.3-10ubuntu0.1
questing	not-affected	2.74.3-10.1

Показывать по

Релиз	Статус	Примечание
devel	not-affected	3.6.4-2
esm-apps/jammy	released	3.0.7-0ubuntu1+esm3
esm-infra/focal	DNE
focal	DNE
jammy	needed
noble	released	3.4.4-5ubuntu0.3
oracular	released	3.6.0-2ubuntu0.3
plucky	not-affected	3.6.4-2
questing	not-affected	3.6.4-2
upstream	released	3.6.4-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 26%

0.00089

Низкий

9 Critical

CVSS3

Связанные уязвимости

CVE-2025-32911

CVSS3: 9

redhat

7 месяцев назад

CVE-2025-32911

CVSS3: 9

nvd

7 месяцев назад

CVE-2025-32911

CVSS3: 9

msrc

2 месяца назад

Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value

CVE-2025-32911

CVSS3: 9

debian

7 месяцев назад

A use-after-free type vulnerability was found in libsoup, in the soup_ ...

GHSA-fp4x-j6ch-w8q5

CVSS3: 9

github

7 месяцев назад

A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.

EPSS

Процентиль: 26%

0.00089

Низкий

9 Critical

CVSS3

CVE-2025-32911

Описание

Пакет libsoup2.4

Пакет libsoup3

Ссылки на источники

Связанные уязвимости