CVE-2025-32913

Опубликовано: 14 апр. 2025

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.5

Описание

A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.

Релиз	Статус	Примечание
devel	not-affected	2.74.3-10.1
esm-infra/bionic	released	2.62.1-1ubuntu0.4+esm2
esm-infra/focal	released	2.70.0-1ubuntu0.3
esm-infra/xenial	released	2.52.2-1ubuntu0.3+esm1
focal	released	2.70.0-1ubuntu0.3
jammy	released	2.74.2-3ubuntu0.3
noble	released	2.74.3-6ubuntu1.3
oracular	released	2.74.3-7ubuntu0.3
plucky	released	2.74.3-10ubuntu0.1
questing	not-affected	2.74.3-10.1

Показывать по

Релиз	Статус	Примечание
devel	not-affected	3.6.4-2
esm-apps/jammy	released	3.0.7-0ubuntu1+esm3
esm-infra/focal	DNE
focal	DNE
jammy	needed
noble	released	3.4.4-5ubuntu0.3
oracular	released	3.6.0-2ubuntu0.3
plucky	not-affected	3.6.4-2
questing	not-affected	3.6.4-2
upstream	released	3.6.4-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 35%

0.00144

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2025-32913

CVSS3: 7.5

redhat

7 месяцев назад

CVE-2025-32913

CVSS3: 7.5

nvd

7 месяцев назад

CVE-2025-32913

CVSS3: 7.5

msrc

7 месяцев назад

Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header

CVE-2025-32913

CVSS3: 7.5

debian

7 месяцев назад

A flaw was found in libsoup, where the soup_message_headers_get_conten ...

GHSA-9589-mpwg-8xq6

CVSS3: 7.5

github

7 месяцев назад

EPSS

Процентиль: 35%

0.00144

Низкий

7.5 High

CVSS3

CVE-2025-32913

Описание

Пакет libsoup2.4

Пакет libsoup3

Ссылки на источники

Связанные уязвимости