Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1050800?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1050800?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.72.0-2", "type": "deb", "namespace": "debian", "name": "libsoup2.4", "version": "2.72.0-2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70407?format=api", "vulnerability_id": "VCID-24tr-cene-gfch", "summary": "libsoup: Double free on soup_message_headers_get_content_disposition() through \"soup-message-headers.c\" via \"params\" GHashTable value", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69916", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69856", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69907", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69774", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69765", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69814", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69829", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69852", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69822", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69864", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69874", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32911" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103515", "reference_id": "1103515", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103515" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359355", "reference_id": "2359355", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359355" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32911", "reference_id": "CVE-2025-32911", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4439", "reference_id": "RHSA-2025:4439", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4440", "reference_id": "RHSA-2025:4440", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4508", "reference_id": "RHSA-2025:4508", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4538", "reference_id": "RHSA-2025:4538", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4560", "reference_id": "RHSA-2025:4560", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4568", "reference_id": "RHSA-2025:4568", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4609", "reference_id": "RHSA-2025:4609", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4609" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4624", "reference_id": "RHSA-2025:4624", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7436", "reference_id": "RHSA-2025:7436", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9179", "reference_id": "RHSA-2025:9179", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9179" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32911" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24tr-cene-gfch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70468?format=api", "vulnerability_id": "VCID-4m39-v7d7-1ba7", "summary": "libsoup: Integer overflow in append_param_quoted", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75455", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75417", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75451", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75327", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75359", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75338", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75382", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75392", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75412", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.7539", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75379", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.7542", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75427", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102212", "reference_id": "1102212", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102212" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357067", "reference_id": "2357067", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357067" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32050", "reference_id": "CVE-2025-32050", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4440", "reference_id": "RHSA-2025:4440", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4508", "reference_id": "RHSA-2025:4508", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4560", "reference_id": "RHSA-2025:4560", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4568", "reference_id": "RHSA-2025:4568", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7436", "reference_id": "RHSA-2025:7436", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://usn.ubuntu.com/7432-1/", "reference_id": "USN-7432-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7432-1/" }, { "reference_url": "https://usn.ubuntu.com/7565-1/", "reference_id": "USN-7565-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32050" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4m39-v7d7-1ba7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70750?format=api", "vulnerability_id": "VCID-6skx-v6sg-53gq", "summary": "libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84169", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84246", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84247", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84251", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84276", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84285", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84187", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.8421", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84234", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84228", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02145", "scoring_system": "epss", "scoring_elements": "0.84224", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102208", "reference_id": "1102208", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102208" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354669", "reference_id": "2354669", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354669" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/422", "reference_id": "422", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/422" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-2784", "reference_id": "CVE-2025-2784", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7505", "reference_id": "RHSA-2025:7505", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8126", "reference_id": "RHSA-2025:8126", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8132", "reference_id": "RHSA-2025:8132", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8139", "reference_id": "RHSA-2025:8139", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8140", "reference_id": "RHSA-2025:8140", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8252", "reference_id": "RHSA-2025:8252", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8480", "reference_id": "RHSA-2025:8480", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8481", "reference_id": "RHSA-2025:8481", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8482", "reference_id": "RHSA-2025:8482", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8663", "reference_id": "RHSA-2025:8663", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9179", "reference_id": "RHSA-2025:9179", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9179" }, { "reference_url": "https://usn.ubuntu.com/7432-1/", "reference_id": "USN-7432-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7432-1/" }, { "reference_url": "https://usn.ubuntu.com/7565-1/", "reference_id": "USN-7565-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-2784" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6skx-v6sg-53gq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69632?format=api", "vulnerability_id": "VCID-7hhg-3u9v-nqfw", "summary": "libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52803", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52898", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52905", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52889", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52857", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52867", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.5283", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52797", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52849", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52843", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52893", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52877", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52862", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4945" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106205", "reference_id": "1106205", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106205" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106375", "reference_id": "1106375", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106375" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367175", "reference_id": "2367175", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367175" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/448", "reference_id": "448", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/448" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4945", "reference_id": "CVE-2025-4945", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19713", "reference_id": "RHSA-2025:19713", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19714", "reference_id": "RHSA-2025:19714", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19720", "reference_id": "RHSA-2025:19720", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20959", "reference_id": "RHSA-2025:20959", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21032", "reference_id": "RHSA-2025:21032", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21655", "reference_id": "RHSA-2025:21655", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21656", "reference_id": "RHSA-2025:21656", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21664", "reference_id": "RHSA-2025:21664", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21665", "reference_id": "RHSA-2025:21665", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21666", "reference_id": "RHSA-2025:21666", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21772", "reference_id": "RHSA-2025:21772", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22013", "reference_id": "RHSA-2025:22013", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22013" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" } ], "aliases": [ "CVE-2025-4945" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7hhg-3u9v-nqfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69571?format=api", "vulnerability_id": "VCID-9uua-rxjd-fkf6", "summary": "libsoup: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4969.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4969.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68613", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68481", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68581", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68558", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68607", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.685", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68527", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68545", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68559", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68568", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4969" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106248", "reference_id": "1106248", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106248" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106325", "reference_id": "1106325", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106325" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552", "reference_id": "2367552", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T10:19:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4969", "reference_id": "CVE-2025-4969", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T10:19:28Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4969" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" } ], "aliases": [ "CVE-2025-4969" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9uua-rxjd-fkf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70405?format=api", "vulnerability_id": "VCID-athp-xk5g-jbhu", "summary": "libsoup: NULL Pointer Dereference on libsoup through function \"sniff_mp4\" in soup-content-sniffer.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32909.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32909.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66938", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66889", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66951", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66957", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66926", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66959", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66973", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66916", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.7033", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70268", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70321", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32909" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103517", "reference_id": "1103517", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103517" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359353", "reference_id": "2359353", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:33:27Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359353" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32909", "reference_id": "CVE-2025-32909", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:33:27Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:33:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32909" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-athp-xk5g-jbhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70406?format=api", "vulnerability_id": "VCID-f481-8mb7-dbed", "summary": "libsoup: Null pointer deference on libsoup via /auth/soup-auth-digest.c through \"soup_auth_digest_authenticate\" on client when server omits the \"realm\" parameter in an Unauthorized response with Digest authentication", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32910.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32910.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59584", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5959", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59669", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59652", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59632", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59673", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59615", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59636", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0046", "scoring_system": "epss", "scoring_elements": "0.64161", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0046", "scoring_system": "epss", "scoring_elements": "0.64175", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0046", "scoring_system": "epss", "scoring_elements": "0.64141", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32910" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32910" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103516", "reference_id": "1103516", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103516" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359354", "reference_id": "2359354", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:54:36Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359354" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32910", "reference_id": "CVE-2025-32910", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:54:36Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:54:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32910" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f481-8mb7-dbed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70168?format=api", "vulnerability_id": "VCID-htuv-qv35-gycj", "summary": "libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46420.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46420.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-46420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78087", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78055", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78054", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78048", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78081", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.7797", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.77999", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.77981", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78012", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78039", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78022", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.7802", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-46420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46420" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104055", "reference_id": "1104055", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104055" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361963", "reference_id": "2361963", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361963" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/438", "reference_id": "438", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/438" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-46420", "reference_id": "CVE-2025-46420", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-46420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4439", "reference_id": "RHSA-2025:4439", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4440", "reference_id": "RHSA-2025:4440", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4508", "reference_id": "RHSA-2025:4508", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4538", "reference_id": "RHSA-2025:4538", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4560", "reference_id": "RHSA-2025:4560", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4568", "reference_id": "RHSA-2025:4568", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4609", "reference_id": "RHSA-2025:4609", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4609" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4624", "reference_id": "RHSA-2025:4624", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7436", "reference_id": "RHSA-2025:7436", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7436" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-46420" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-htuv-qv35-gycj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70408?format=api", "vulnerability_id": "VCID-k9bu-zasm-vfgr", "summary": "libsoup: NULL pointer dereference in client when server omits the \"nonce\" parameter in an Unauthorized response with Digest authentication", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32912.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32912.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59584", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.5959", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59669", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59652", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59632", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59673", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59615", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00383", "scoring_system": "epss", "scoring_elements": "0.59636", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0046", "scoring_system": "epss", "scoring_elements": "0.64161", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0046", "scoring_system": "epss", "scoring_elements": "0.64175", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0046", "scoring_system": "epss", "scoring_elements": "0.64141", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32912" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103516", "reference_id": "1103516", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103516" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359356", "reference_id": "2359356", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:32:52Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359356" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32912", "reference_id": "CVE-2025-32912", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:32:52Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7505", "reference_id": "RHSA-2025:7505", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:32:52Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7505" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-2/", "reference_id": "USN-7490-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-2/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32912" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k9bu-zasm-vfgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70402?format=api", "vulnerability_id": "VCID-ku6w-4wsv-qbe4", "summary": "libsoup: Out of bounds reads in soup_headers_parse_request()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32906.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32906.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.74053", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.73929", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.7402", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.74012", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.74045", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.73954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.73926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.7396", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.73974", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.73997", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.73979", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.73971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00795", "scoring_system": "epss", "scoring_elements": "0.74011", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32906" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103521", "reference_id": "1103521", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103521" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359341", "reference_id": "2359341", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359341" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32906", "reference_id": "CVE-2025-32906", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4439", "reference_id": "RHSA-2025:4439", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4440", "reference_id": "RHSA-2025:4440", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4508", "reference_id": "RHSA-2025:4508", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4538", "reference_id": "RHSA-2025:4538", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4560", "reference_id": "RHSA-2025:4560", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4568", "reference_id": "RHSA-2025:4568", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4609", "reference_id": "RHSA-2025:4609", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4609" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4624", "reference_id": "RHSA-2025:4624", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7436", "reference_id": "RHSA-2025:7436", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7505", "reference_id": "RHSA-2025:7505", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9179", "reference_id": "RHSA-2025:9179", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9179" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32906" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ku6w-4wsv-qbe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69633?format=api", "vulnerability_id": "VCID-rd74-1427-eybf", "summary": "libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4948.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76875", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.7688", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76871", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76903", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.7691", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76787", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76819", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76829", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76858", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76831", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4948" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106204", "reference_id": "1106204", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106204" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106337", "reference_id": "1106337", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106337" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367183", "reference_id": "2367183", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367183" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/449", "reference_id": "449", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/449" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4948", "reference_id": "CVE-2025-4948", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8126", "reference_id": "RHSA-2025:8126", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8128", "reference_id": "RHSA-2025:8128", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8132", "reference_id": "RHSA-2025:8132", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8139", "reference_id": "RHSA-2025:8139", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8140", "reference_id": "RHSA-2025:8140", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8252", "reference_id": "RHSA-2025:8252", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8480", "reference_id": "RHSA-2025:8480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8481", "reference_id": "RHSA-2025:8481", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8482", "reference_id": "RHSA-2025:8482", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8663", "reference_id": "RHSA-2025:8663", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9179", "reference_id": "RHSA-2025:9179", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9179" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" } ], "aliases": [ "CVE-2025-4948" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rd74-1427-eybf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69773?format=api", "vulnerability_id": "VCID-sabm-gujq-j3fb", "summary": "libsoup: Null pointer dereference in libsoup may lead to Denial Of Service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4476.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4476.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49601", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49578", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49643", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49641", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49611", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49557", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49612", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49606", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49623", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49594", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49596", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4476" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105887", "reference_id": "1105887", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105887" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107757", "reference_id": "1107757", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107757" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366513", "reference_id": "2366513", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-16T18:08:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366513" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4476", "reference_id": "CVE-2025-4476", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-16T18:08:10Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4476" }, { "reference_url": "https://usn.ubuntu.com/7543-1/", "reference_id": "USN-7543-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7543-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" } ], "aliases": [ "CVE-2025-4476" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sabm-gujq-j3fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72807?format=api", "vulnerability_id": "VCID-svba-hf1d-y7ez", "summary": "libsoup: HTTP request smuggling via stripping null bytes from the ends of header names", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52530.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52530.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52530", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58612", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.5864", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58656", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58617", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58651", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58632", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58599", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.5859", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58611", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58581", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.58633", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52530" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52530", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52530" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088812", "reference_id": "1088812", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088812" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325284", "reference_id": "2325284", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325284" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/377", "reference_id": "377", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:37:22Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/377" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/402", "reference_id": "402", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:37:22Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/402" }, { "reference_url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", "reference_id": "home", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:37:22Z/" } ], "url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9501", "reference_id": "RHSA-2024:9501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9524", "reference_id": "RHSA-2024:9524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9525", "reference_id": "RHSA-2024:9525", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9559", "reference_id": "RHSA-2024:9559", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9559" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9566", "reference_id": "RHSA-2024:9566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9570", "reference_id": "RHSA-2024:9570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9572", "reference_id": "RHSA-2024:9572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9573", "reference_id": "RHSA-2024:9573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9573" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9576", "reference_id": "RHSA-2024:9576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9654", "reference_id": "RHSA-2024:9654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9654" }, { "reference_url": "https://usn.ubuntu.com/7126-1/", "reference_id": "USN-7126-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7126-1/" }, { "reference_url": "https://usn.ubuntu.com/7127-1/", "reference_id": "USN-7127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-52530" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-svba-hf1d-y7ez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72806?format=api", "vulnerability_id": "VCID-uk2y-997k-4qat", "summary": "libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35256", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35617", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35642", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35524", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3557", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35594", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35604", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35537", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35576", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35566", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35515", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35277", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087417", "reference_id": "1087417", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087417" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089240", "reference_id": "1089240", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089240" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325277", "reference_id": "2325277", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325277" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407", "reference_id": "407", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" }, { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:09:47Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401", "reference_id": "407#note_2316401", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" }, { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:09:47Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401" }, { "reference_url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", "reference_id": "home", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" }, { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:09:47Z/" } ], "url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0791", "reference_id": "RHSA-2025:0791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0838", "reference_id": "RHSA-2025:0838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0847", "reference_id": "RHSA-2025:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0848", "reference_id": "RHSA-2025:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0882", "reference_id": "RHSA-2025:0882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0889", "reference_id": "RHSA-2025:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0903", "reference_id": "RHSA-2025:0903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0949", "reference_id": "RHSA-2025:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1047", "reference_id": "RHSA-2025:1047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1075", "reference_id": "RHSA-2025:1075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1154", "reference_id": "RHSA-2025:1154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1154" }, { "reference_url": "https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html", "reference_id": "using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" }, { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:09:47Z/" } ], "url": "https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html" }, { "reference_url": "https://usn.ubuntu.com/7126-1/", "reference_id": "USN-7126-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7126-1/" }, { "reference_url": "https://usn.ubuntu.com/7127-1/", "reference_id": "USN-7127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7127-1/" }, { "reference_url": "https://usn.ubuntu.com/7565-1/", "reference_id": "USN-7565-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-52531" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uk2y-997k-4qat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72805?format=api", "vulnerability_id": "VCID-v9pv-qh9a-97g9", "summary": "libsoup: infinite loop while reading websocket data", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52532.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52532.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52532", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42361", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.4254", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42503", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42472", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42523", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42498", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42427", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42364", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42491", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42519", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42457", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42508", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42518", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52532" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087416", "reference_id": "1087416", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087416" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089238", "reference_id": "1089238", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089238" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325276", "reference_id": "2325276", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325276" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/391", "reference_id": "391", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:16:48Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/391" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/410", "reference_id": "410", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:16:48Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/410" }, { "reference_url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home", "reference_id": "home", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:16:48Z/" } ], "url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9559", "reference_id": "RHSA-2024:9559", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9559" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9573", "reference_id": "RHSA-2024:9573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9573" }, { "reference_url": "https://usn.ubuntu.com/7126-1/", "reference_id": "USN-7126-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7126-1/" }, { "reference_url": "https://usn.ubuntu.com/7127-1/", "reference_id": "USN-7127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7127-1/" }, { "reference_url": "https://usn.ubuntu.com/7565-1/", "reference_id": "USN-7565-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" } ], "aliases": [ "CVE-2024-52532" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v9pv-qh9a-97g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70410?format=api", "vulnerability_id": "VCID-yx68-81fu-ffar", "summary": "libsoup: OOB Read on libsoup through function \"soup_multipart_new_from_message\" in soup-multipart.c leads to crash or exit of process", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32914.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32914.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.6693", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66896", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.6691", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66917", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66829", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66854", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66827", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66876", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66889", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66895", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66863", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32914" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103267", "reference_id": "1103267", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103267" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103512", "reference_id": "1103512", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103512" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359358", "reference_id": "2359358", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359358" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/436", "reference_id": "436", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/436" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32914", "reference_id": "CVE-2025-32914", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7505", "reference_id": "RHSA-2025:7505", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8126", "reference_id": "RHSA-2025:8126", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8132", "reference_id": "RHSA-2025:8132", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8139", "reference_id": "RHSA-2025:8139", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8140", "reference_id": "RHSA-2025:8140", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8252", "reference_id": "RHSA-2025:8252", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8480", "reference_id": "RHSA-2025:8480", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8481", "reference_id": "RHSA-2025:8481", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8482", "reference_id": "RHSA-2025:8482", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8663", "reference_id": "RHSA-2025:8663", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9179", "reference_id": "RHSA-2025:9179", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9179" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32914" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yx68-81fu-ffar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70409?format=api", "vulnerability_id": "VCID-zhp7-2ks9-m7es", "summary": "libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when \"filename\" parameter is present, but has no value in Content-Disposition header", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32913.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32913.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76945", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76814", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76914", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76905", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76937", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76843", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76824", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76855", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76865", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76894", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76873", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76868", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76909", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32913" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103515", "reference_id": "1103515", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103515" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359357", "reference_id": "2359357", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359357" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32913", "reference_id": "CVE-2025-32913", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4439", "reference_id": "RHSA-2025:4439", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4440", "reference_id": "RHSA-2025:4440", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4508", "reference_id": "RHSA-2025:4508", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4538", "reference_id": "RHSA-2025:4538", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4560", "reference_id": "RHSA-2025:4560", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4568", "reference_id": "RHSA-2025:4568", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4609", "reference_id": "RHSA-2025:4609", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4609" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4624", "reference_id": "RHSA-2025:4624", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7436", "reference_id": "RHSA-2025:7436", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9179", "reference_id": "RHSA-2025:9179", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T13:54:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9179" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32913" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zhp7-2ks9-m7es" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70470?format=api", "vulnerability_id": "VCID-zrmu-bwfg-e3hp", "summary": "libsoup: Heap buffer overflow in sniff_unknown()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32052.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32052.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78254", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78223", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78221", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78216", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78248", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78171", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.7818", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78186", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78195", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78191", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32052" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102214", "reference_id": "1102214", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102214" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357069", "reference_id": "2357069", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357069" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/425", "reference_id": "425", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/425" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32052", "reference_id": "CVE-2025-32052", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4440", "reference_id": "RHSA-2025:4440", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4508", "reference_id": "RHSA-2025:4508", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4560", "reference_id": "RHSA-2025:4560", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4568", "reference_id": "RHSA-2025:4568", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7436", "reference_id": "RHSA-2025:7436", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://usn.ubuntu.com/7432-1/", "reference_id": "USN-7432-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7432-1/" }, { "reference_url": "https://usn.ubuntu.com/7565-1/", "reference_id": "USN-7565-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32052" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zrmu-bwfg-e3hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70471?format=api", "vulnerability_id": "VCID-zsdd-pzyb-nbdf", "summary": "libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32053.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32053.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78254", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78216", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78248", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78171", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.7818", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78186", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78195", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78223", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01115", "scoring_system": "epss", "scoring_elements": "0.78221", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32053" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102215", "reference_id": "1102215", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102215" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357070", "reference_id": "2357070", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357070" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32053", "reference_id": "CVE-2025-32053", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4440", "reference_id": "RHSA-2025:4440", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4508", "reference_id": "RHSA-2025:4508", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4560", "reference_id": "RHSA-2025:4560", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4568", "reference_id": "RHSA-2025:4568", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7436", "reference_id": "RHSA-2025:7436", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://usn.ubuntu.com/7432-1/", "reference_id": "USN-7432-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7432-1/" }, { "reference_url": "https://usn.ubuntu.com/7565-1/", "reference_id": "USN-7565-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994705?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994706?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.74.3-10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.74.3-10.1" } ], "aliases": [ "CVE-2025-32053" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zsdd-pzyb-nbdf" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82003?format=api", "vulnerability_id": "VCID-fwhq-2jj5-wka3", "summary": "libsoup: heap-based over-read in soup_ntlm_parse_challenge() in soup-auth-ntlm.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17266.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17266.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76218", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76351", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76308", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76344", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76221", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76253", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76233", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76265", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76279", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76305", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76283", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76278", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76319", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00942", "scoring_system": "epss", "scoring_elements": "0.76324", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17266" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17266" }, { "reference_url": "https://github.com/Kirin-say/Vulnerabilities/blob/master/CVE-2019-17266_POC.md", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/Kirin-say/Vulnerabilities/blob/master/CVE-2019-17266_POC.md" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/commit/88b7dff4467f4151afae244ea7d1223753cd05ab", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libsoup/commit/88b7dff4467f4151afae244ea7d1223753cd05ab" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/commit/f8a54ac85eec2008c85393f331cdd251af8266ad", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libsoup/commit/f8a54ac85eec2008c85393f331cdd251af8266ad" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/issues/173", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libsoup/issues/173" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2019-17266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2019-17266" }, { "reference_url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1705054.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1705054.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771292", "reference_id": "1771292", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771292" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17266", "reference_id": "CVE-2019-17266", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17266" }, { "reference_url": "https://usn.ubuntu.com/4152-1/", "reference_id": "USN-4152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4152-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050800?format=api", "purl": "pkg:deb/debian/libsoup2.4@2.72.0-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24tr-cene-gfch" }, { "vulnerability": "VCID-4m39-v7d7-1ba7" }, { "vulnerability": "VCID-6skx-v6sg-53gq" }, { "vulnerability": "VCID-7hhg-3u9v-nqfw" }, { "vulnerability": "VCID-9uua-rxjd-fkf6" }, { "vulnerability": "VCID-athp-xk5g-jbhu" }, { "vulnerability": "VCID-f481-8mb7-dbed" }, { "vulnerability": "VCID-htuv-qv35-gycj" }, { "vulnerability": "VCID-k9bu-zasm-vfgr" }, { "vulnerability": "VCID-ku6w-4wsv-qbe4" }, { "vulnerability": "VCID-rd74-1427-eybf" }, { "vulnerability": "VCID-sabm-gujq-j3fb" }, { "vulnerability": "VCID-svba-hf1d-y7ez" }, { "vulnerability": "VCID-uk2y-997k-4qat" }, { "vulnerability": "VCID-v9pv-qh9a-97g9" }, { "vulnerability": "VCID-yx68-81fu-ffar" }, { "vulnerability": "VCID-zhp7-2ks9-m7es" }, { "vulnerability": "VCID-zrmu-bwfg-e3hp" }, { "vulnerability": "VCID-zsdd-pzyb-nbdf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2" } ], "aliases": [ "CVE-2019-17266" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwhq-2jj5-wka3" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2" }