Package Instance

reference_id

RHSA-2025:21657

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:4439

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:4440

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:4508

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:4538

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:4560

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:4568

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:4609

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:4624

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:7436

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:8292

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

reference_url

reference_id

RHSA-2025:9179

reference_type

scores

value	9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T15:57:21Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32050.json

reference_url	https://usn.ubuntu.com/7490-1/
reference_id	USN-7490-1
reference_type
scores
url	https://usn.ubuntu.com/7490-1/

reference_url	https://usn.ubuntu.com/7490-3/
reference_id	USN-7490-3
reference_type
scores
url	https://usn.ubuntu.com/7490-3/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.4-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-32911

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24tr-cene-gfch

url VCID-4m39-v7d7-1ba7

vulnerability_id VCID-4m39-v7d7-1ba7

summary libsoup: Integer overflow in append_param_quoted

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32050.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32050

reference_id

reference_type

scores

value	0.00882
scoring_system	epss
scoring_elements	0.75427
published_at	2026-04-18T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75379
published_at	2026-04-13T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.7542
published_at	2026-04-16T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75327
published_at	2026-04-02T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75359
published_at	2026-04-04T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75338
published_at	2026-04-07T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75382
published_at	2026-04-08T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75392
published_at	2026-04-09T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75412
published_at	2026-04-11T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.7539
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32050

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102212
reference_id	1102212
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102212

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2357067

reference_id

2357067

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2357067

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-32050

reference_id

CVE-2025-32050

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/

url

https://access.redhat.com/security/cve/CVE-2025-32050

reference_url

reference_id

RHSA-2025:4440

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/

url

reference_url

reference_id

RHSA-2025:4508

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/

url

reference_url

reference_id

RHSA-2025:4560

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/

url

reference_url

reference_id

RHSA-2025:4568

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/

url

reference_url

reference_id

RHSA-2025:7436

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/

url

reference_url

reference_id

RHSA-2025:8292

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:56:24Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2784.json

reference_url	https://usn.ubuntu.com/7432-1/
reference_id	USN-7432-1
reference_type
scores
url	https://usn.ubuntu.com/7432-1/

reference_url	https://usn.ubuntu.com/7565-1/
reference_id	USN-7565-1
reference_type
scores
url	https://usn.ubuntu.com/7565-1/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.1-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.1-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-32050

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4m39-v7d7-1ba7

url VCID-6skx-v6sg-53gq

vulnerability_id VCID-6skx-v6sg-53gq

summary libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content

references

reference_url

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2784.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-2784

reference_id

reference_type

scores

value	0.02145
scoring_system	epss
scoring_elements	0.84169
published_at	2026-04-02T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.84234
published_at	2026-04-11T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.84228
published_at	2026-04-12T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.84224
published_at	2026-04-13T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.84246
published_at	2026-04-16T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.84247
published_at	2026-04-18T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.84187
published_at	2026-04-04T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.84188
published_at	2026-04-07T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.8421
published_at	2026-04-08T12:55:00Z

value	0.02145
scoring_system	epss
scoring_elements	0.84216
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-2784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102208
reference_id	1102208
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102208

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2354669

reference_id

2354669

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2354669

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/422

reference_id

422

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/422

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-2784

reference_id

CVE-2025-2784

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/security/cve/CVE-2025-2784

reference_url

reference_id

RHSA-2025:21657

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

reference_url

reference_id

RHSA-2025:7505

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8126

reference_url

reference_id

RHSA-2025:8126

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8126

reference_url

https://access.redhat.com/errata/RHSA-2025:8132

reference_id

RHSA-2025:8132

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8132

reference_url

https://access.redhat.com/errata/RHSA-2025:8139

reference_id

RHSA-2025:8139

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8139

reference_url

https://access.redhat.com/errata/RHSA-2025:8140

reference_id

RHSA-2025:8140

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8140

reference_url

https://access.redhat.com/errata/RHSA-2025:8252

reference_id

RHSA-2025:8252

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8252

reference_url

https://access.redhat.com/errata/RHSA-2025:8480

reference_id

RHSA-2025:8480

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8480

reference_url

https://access.redhat.com/errata/RHSA-2025:8481

reference_id

RHSA-2025:8481

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8481

reference_url

https://access.redhat.com/errata/RHSA-2025:8482

reference_id

RHSA-2025:8482

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8482

reference_url

https://access.redhat.com/errata/RHSA-2025:8663

reference_id

RHSA-2025:8663

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/errata/RHSA-2025:8663

reference_url

reference_id

RHSA-2025:9179

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T13:36:03Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32909.json

reference_url	https://usn.ubuntu.com/7432-1/
reference_id	USN-7432-1
reference_type
scores
url	https://usn.ubuntu.com/7432-1/

reference_url	https://usn.ubuntu.com/7565-1/
reference_id	USN-7565-1
reference_type
scores
url	https://usn.ubuntu.com/7565-1/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.5-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-2784

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6skx-v6sg-53gq

url VCID-athp-xk5g-jbhu

vulnerability_id VCID-athp-xk5g-jbhu

summary libsoup: NULL Pointer Dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c

references

reference_url

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32909.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32909

reference_id

reference_type

scores

value	0.00524
scoring_system	epss
scoring_elements	0.66973
published_at	2026-04-18T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66889
published_at	2026-04-07T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66957
published_at	2026-04-12T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66926
published_at	2026-04-13T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66959
published_at	2026-04-16T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66916
published_at	2026-04-04T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66938
published_at	2026-04-08T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66951
published_at	2026-04-09T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66971
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32909

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32909
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32909

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103517
reference_id	1103517
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103517

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2359353

reference_id

2359353

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:33:27Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2359353

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-32909

reference_id

CVE-2025-32909

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:33:27Z/

url

https://access.redhat.com/security/cve/CVE-2025-32909

reference_url

reference_id

RHSA-2025:8292

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:33:27Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32910.json

reference_url	https://usn.ubuntu.com/7490-1/
reference_id	USN-7490-1
reference_type
scores
url	https://usn.ubuntu.com/7490-1/

reference_url	https://usn.ubuntu.com/7490-3/
reference_id	USN-7490-3
reference_type
scores
url	https://usn.ubuntu.com/7490-3/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.4-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-32909

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-athp-xk5g-jbhu

url VCID-f481-8mb7-dbed

vulnerability_id VCID-f481-8mb7-dbed

summary libsoup: Null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32910.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32910

reference_id

reference_type

scores

value	0.00383
scoring_system	epss
scoring_elements	0.59673
published_at	2026-04-18T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.5959
published_at	2026-04-02T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59652
published_at	2026-04-12T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59632
published_at	2026-04-13T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59665
published_at	2026-04-16T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59615
published_at	2026-04-04T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59584
published_at	2026-04-07T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59636
published_at	2026-04-08T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59649
published_at	2026-04-09T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59669
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32910

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32910
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32910

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103516
reference_id	1103516
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103516

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2359354

reference_id

2359354

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:54:36Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2359354

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-32910

reference_id

CVE-2025-32910

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:54:36Z/

url

https://access.redhat.com/security/cve/CVE-2025-32910

reference_url

reference_id

RHSA-2025:8292

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:54:36Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46420.json

reference_url	https://usn.ubuntu.com/7490-1/
reference_id	USN-7490-1
reference_type
scores
url	https://usn.ubuntu.com/7490-1/

reference_url	https://usn.ubuntu.com/7490-3/
reference_id	USN-7490-3
reference_type
scores
url	https://usn.ubuntu.com/7490-3/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.4-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-32910

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f481-8mb7-dbed

url VCID-htuv-qv35-gycj

vulnerability_id VCID-htuv-qv35-gycj

summary libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46420.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-46420

reference_id

reference_type

scores

value	0.01098
scoring_system	epss
scoring_elements	0.78054
published_at	2026-04-18T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78039
published_at	2026-04-11T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78022
published_at	2026-04-12T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.7802
published_at	2026-04-13T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78055
published_at	2026-04-16T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.7797
published_at	2026-04-02T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.77999
published_at	2026-04-04T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.77981
published_at	2026-04-07T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78008
published_at	2026-04-08T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78012
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-46420

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46420

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104055
reference_id	1104055
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104055

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2361963

reference_id

2361963

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2361963

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/438

reference_id

438

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/438

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-46420

reference_id

CVE-2025-46420

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

https://access.redhat.com/security/cve/CVE-2025-46420

reference_url

reference_id

RHSA-2025:4439

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

reference_url

reference_id

RHSA-2025:4440

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

reference_url

reference_id

RHSA-2025:4508

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

reference_url

reference_id

RHSA-2025:4538

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

reference_url

reference_id

RHSA-2025:4560

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

reference_url

reference_id

RHSA-2025:4568

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

reference_url

reference_id

RHSA-2025:4609

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

reference_url

reference_id

RHSA-2025:4624

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

reference_url

reference_id

RHSA-2025:7436

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T13:14:47Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32912.json

reference_url	https://usn.ubuntu.com/7490-1/
reference_id	USN-7490-1
reference_type
scores
url	https://usn.ubuntu.com/7490-1/

reference_url	https://usn.ubuntu.com/7490-3/
reference_id	USN-7490-3
reference_type
scores
url	https://usn.ubuntu.com/7490-3/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.4-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-46420

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-htuv-qv35-gycj

url VCID-k9bu-zasm-vfgr

vulnerability_id VCID-k9bu-zasm-vfgr

summary libsoup: NULL pointer dereference in client when server omits the "nonce" parameter in an Unauthorized response with Digest authentication

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32912.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32912

reference_id

reference_type

scores

value	0.00383
scoring_system	epss
scoring_elements	0.59673
published_at	2026-04-18T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.5959
published_at	2026-04-02T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59652
published_at	2026-04-12T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59632
published_at	2026-04-13T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59665
published_at	2026-04-16T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59615
published_at	2026-04-04T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59584
published_at	2026-04-07T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59636
published_at	2026-04-08T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59649
published_at	2026-04-09T12:55:00Z

value	0.00383
scoring_system	epss
scoring_elements	0.59669
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32912

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103516
reference_id	1103516
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103516

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2359356

reference_id

2359356

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:32:52Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2359356

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-32912

reference_id

CVE-2025-32912

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:32:52Z/

url

https://access.redhat.com/security/cve/CVE-2025-32912

reference_url

reference_id

RHSA-2025:7505

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:32:52Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32906.json

reference_url	https://usn.ubuntu.com/7490-1/
reference_id	USN-7490-1
reference_type
scores
url	https://usn.ubuntu.com/7490-1/

reference_url	https://usn.ubuntu.com/7490-2/
reference_id	USN-7490-2
reference_type
scores
url	https://usn.ubuntu.com/7490-2/

reference_url	https://usn.ubuntu.com/7490-3/
reference_id	USN-7490-3
reference_type
scores
url	https://usn.ubuntu.com/7490-3/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.5-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-32912

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k9bu-zasm-vfgr

url VCID-ku6w-4wsv-qbe4

vulnerability_id VCID-ku6w-4wsv-qbe4

summary libsoup: Out of bounds reads in soup_headers_parse_request()

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32906.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32906

reference_id

reference_type

scores

value	0.00795
scoring_system	epss
scoring_elements	0.7402
published_at	2026-04-18T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.73929
published_at	2026-04-02T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.73979
published_at	2026-04-12T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.73971
published_at	2026-04-13T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.74011
published_at	2026-04-16T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.73954
published_at	2026-04-04T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.73926
published_at	2026-04-07T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.7396
published_at	2026-04-08T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.73974
published_at	2026-04-09T12:55:00Z

value	0.00795
scoring_system	epss
scoring_elements	0.73997
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32906

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32906
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32906

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103521
reference_id	1103521
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103521

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2359341

reference_id

2359341

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2359341

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-32906

reference_id

CVE-2025-32906

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

https://access.redhat.com/security/cve/CVE-2025-32906

reference_url

reference_id

RHSA-2025:21657

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:4439

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:4440

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:4508

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:4538

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:4560

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:4568

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:4609

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:4624

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:7436

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:7505

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:8292

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

reference_url

reference_id

RHSA-2025:9179

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:49Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46421.json

reference_url	https://usn.ubuntu.com/7490-1/
reference_id	USN-7490-1
reference_type
scores
url	https://usn.ubuntu.com/7490-1/

reference_url	https://usn.ubuntu.com/7490-3/
reference_id	USN-7490-3
reference_type
scores
url	https://usn.ubuntu.com/7490-3/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.5-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-32906

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ku6w-4wsv-qbe4

url VCID-su51-s55e-hqdh

vulnerability_id VCID-su51-s55e-hqdh

summary libsoup: Information disclosure may leads libsoup client sends Authorization header to a different host when being redirected by a server

references

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46421.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-46421

reference_id

reference_type

scores

value	0.00543
scoring_system	epss
scoring_elements	0.67745
published_at	2026-04-16T12:55:00Z

value	0.00543
scoring_system	epss
scoring_elements	0.67734
published_at	2026-04-09T12:55:00Z

value	0.00543
scoring_system	epss
scoring_elements	0.67758
published_at	2026-04-18T12:55:00Z

value	0.00543
scoring_system	epss
scoring_elements	0.67743
published_at	2026-04-12T12:55:00Z

value	0.00543
scoring_system	epss
scoring_elements	0.6771
published_at	2026-04-13T12:55:00Z

value	0.00543
scoring_system	epss
scoring_elements	0.67667
published_at	2026-04-02T12:55:00Z

value	0.00543
scoring_system	epss
scoring_elements	0.67688
published_at	2026-04-04T12:55:00Z

value	0.00543
scoring_system	epss
scoring_elements	0.67668
published_at	2026-04-07T12:55:00Z

value	0.00543
scoring_system	epss
scoring_elements	0.6772
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-46421

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46421
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46421

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104054
reference_id	1104054
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104054

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2361962

reference_id

2361962

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2361962

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/439

reference_id

439

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/439

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-46421

reference_id

CVE-2025-46421

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

https://access.redhat.com/security/cve/CVE-2025-46421

reference_url

reference_id

RHSA-2025:4439

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:4440

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:4508

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:4538

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:4560

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:4568

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:4609

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:4624

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:7436

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

reference_url

reference_id

RHSA-2025:7505

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-24T13:12:43Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52530.json

reference_url	https://usn.ubuntu.com/7490-1/
reference_id	USN-7490-1
reference_type
scores
url	https://usn.ubuntu.com/7490-1/

reference_url	https://usn.ubuntu.com/7490-3/
reference_id	USN-7490-3
reference_type
scores
url	https://usn.ubuntu.com/7490-3/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.5-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-46421

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-su51-s55e-hqdh

url VCID-svba-hf1d-y7ez

vulnerability_id VCID-svba-hf1d-y7ez

summary libsoup: HTTP request smuggling via stripping null bytes from the ends of header names

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52530.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52530

reference_id

reference_type

scores

value	0.00366
scoring_system	epss
scoring_elements	0.58651
published_at	2026-04-16T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58611
published_at	2026-04-04T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58581
published_at	2026-04-07T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58633
published_at	2026-04-08T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.5864
published_at	2026-04-09T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58656
published_at	2026-04-18T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58637
published_at	2026-04-12T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.58617
published_at	2026-04-13T12:55:00Z

value	0.00366
scoring_system	epss
scoring_elements	0.5859
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52530

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52530
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52530

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088812
reference_id	1088812
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088812

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2325284
reference_id	2325284
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2325284

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/377

reference_id

377

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:37:22Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/377

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/402

reference_id

402

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:37:22Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/402

reference_url

https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home

reference_id

home

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:37:22Z/

url

https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home

reference_url	https://access.redhat.com/errata/RHSA-2024:9501
reference_id	RHSA-2024:9501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9501

reference_url	https://access.redhat.com/errata/RHSA-2024:9524
reference_id	RHSA-2024:9524
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9524

reference_url	https://access.redhat.com/errata/RHSA-2024:9525
reference_id	RHSA-2024:9525
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9525

reference_url	https://access.redhat.com/errata/RHSA-2024:9559
reference_id	RHSA-2024:9559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9559

reference_url	https://access.redhat.com/errata/RHSA-2024:9566
reference_id	RHSA-2024:9566
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9566

reference_url	https://access.redhat.com/errata/RHSA-2024:9570
reference_id	RHSA-2024:9570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9570

reference_url	https://access.redhat.com/errata/RHSA-2024:9572
reference_id	RHSA-2024:9572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9572

reference_url	https://access.redhat.com/errata/RHSA-2024:9573
reference_id	RHSA-2024:9573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9573

reference_url	https://access.redhat.com/errata/RHSA-2024:9576
reference_id	RHSA-2024:9576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9576

reference_url	https://access.redhat.com/errata/RHSA-2024:9654
reference_id	RHSA-2024:9654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9654

reference_url	https://usn.ubuntu.com/7126-1/
reference_id	USN-7126-1
reference_type
scores
url	https://usn.ubuntu.com/7126-1/

reference_url	https://usn.ubuntu.com/7127-1/
reference_id	USN-7127-1
reference_type
scores
url	https://usn.ubuntu.com/7127-1/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.5.2-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.5.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.5.2-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2024-52530

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svba-hf1d-y7ez

url VCID-uk2y-997k-4qat

vulnerability_id VCID-uk2y-997k-4qat

summary libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52531.json

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52531.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52531

reference_id

reference_type

scores

value	0.0015
scoring_system	epss
scoring_elements	0.35566
published_at	2026-04-18T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35617
published_at	2026-04-02T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35642
published_at	2026-04-04T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35524
published_at	2026-04-07T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.3557
published_at	2026-04-08T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35594
published_at	2026-04-09T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35604
published_at	2026-04-11T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.3556
published_at	2026-04-12T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35537
published_at	2026-04-13T12:55:00Z

value	0.0015
scoring_system	epss
scoring_elements	0.35576
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52531

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52531
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52531

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087417
reference_id	1087417
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087417

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089240
reference_id	1089240
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089240

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2325277
reference_id	2325277
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2325277

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407

reference_id

407

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:09:47Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401

reference_id

407#note_2316401

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:09:47Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401

reference_url

https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home

reference_id

home

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:09:47Z/

url

https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home

reference_url	https://access.redhat.com/errata/RHSA-2025:0791
reference_id	RHSA-2025:0791
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0791

reference_url	https://access.redhat.com/errata/RHSA-2025:0838
reference_id	RHSA-2025:0838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0838

reference_url	https://access.redhat.com/errata/RHSA-2025:0847
reference_id	RHSA-2025:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0847

reference_url	https://access.redhat.com/errata/RHSA-2025:0848
reference_id	RHSA-2025:0848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0848

reference_url	https://access.redhat.com/errata/RHSA-2025:0882
reference_id	RHSA-2025:0882
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0882

reference_url	https://access.redhat.com/errata/RHSA-2025:0889
reference_id	RHSA-2025:0889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0889

reference_url	https://access.redhat.com/errata/RHSA-2025:0903
reference_id	RHSA-2025:0903
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0903

reference_url	https://access.redhat.com/errata/RHSA-2025:0949
reference_id	RHSA-2025:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0949

reference_url	https://access.redhat.com/errata/RHSA-2025:1047
reference_id	RHSA-2025:1047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1047

reference_url	https://access.redhat.com/errata/RHSA-2025:1075
reference_id	RHSA-2025:1075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1075

reference_url	https://access.redhat.com/errata/RHSA-2025:1154
reference_id	RHSA-2025:1154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1154

reference_url

https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html

reference_id

using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:09:47Z/

url

https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html

reference_url	https://usn.ubuntu.com/7126-1/
reference_id	USN-7126-1
reference_type
scores
url	https://usn.ubuntu.com/7126-1/

reference_url	https://usn.ubuntu.com/7127-1/
reference_id	USN-7127-1
reference_type
scores
url	https://usn.ubuntu.com/7127-1/

reference_url	https://usn.ubuntu.com/7565-1/
reference_id	USN-7565-1
reference_type
scores
url	https://usn.ubuntu.com/7565-1/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.0-4?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.0-4%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2024-52531

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uk2y-997k-4qat

url VCID-v9pv-qh9a-97g9

vulnerability_id VCID-v9pv-qh9a-97g9

summary libsoup: infinite loop while reading websocket data

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52532.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52532.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52532

reference_id

reference_type

scores

value	0.00204
scoring_system	epss
scoring_elements	0.42498
published_at	2026-04-18T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42457
published_at	2026-04-07T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42508
published_at	2026-04-08T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42518
published_at	2026-04-09T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.4254
published_at	2026-04-11T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42503
published_at	2026-04-12T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42472
published_at	2026-04-13T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42523
published_at	2026-04-16T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42491
published_at	2026-04-02T12:55:00Z

value	0.00204
scoring_system	epss
scoring_elements	0.42519
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52532

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52532
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52532

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087416
reference_id	1087416
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087416

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089238
reference_id	1089238
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089238

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2325276
reference_id	2325276
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2325276

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/391

reference_id

391

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:16:48Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/391

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/410

reference_id

410

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:16:48Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/410

reference_url

https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home

reference_id

home

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:16:48Z/

url

https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home

reference_url	https://access.redhat.com/errata/RHSA-2024:9559
reference_id	RHSA-2024:9559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9559

reference_url	https://access.redhat.com/errata/RHSA-2024:9573
reference_id	RHSA-2024:9573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9573

reference_url	https://usn.ubuntu.com/7126-1/
reference_id	USN-7126-1
reference_type
scores
url	https://usn.ubuntu.com/7126-1/

reference_url	https://usn.ubuntu.com/7127-1/
reference_id	USN-7127-1
reference_type
scores
url	https://usn.ubuntu.com/7127-1/

reference_url	https://usn.ubuntu.com/7565-1/
reference_id	USN-7565-1
reference_type
scores
url	https://usn.ubuntu.com/7565-1/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.0-4?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.0-4%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2024-52532

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9pv-qh9a-97g9

url VCID-zrmu-bwfg-e3hp

vulnerability_id VCID-zrmu-bwfg-e3hp

summary libsoup: Heap buffer overflow in sniff_unknown()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32052.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32052.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32052

reference_id

reference_type

scores

value	0.01115
scoring_system	epss
scoring_elements	0.78221
published_at	2026-04-18T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78191
published_at	2026-04-13T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78223
published_at	2026-04-16T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78141
published_at	2026-04-02T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78171
published_at	2026-04-04T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78154
published_at	2026-04-07T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.7818
published_at	2026-04-08T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78186
published_at	2026-04-09T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78212
published_at	2026-04-11T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78195
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32052
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32052

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102214
reference_id	1102214
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102214

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2357069

reference_id

2357069

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2357069

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-32052

reference_id

CVE-2025-32052

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/

url

https://access.redhat.com/security/cve/CVE-2025-32052

reference_url

reference_id

RHSA-2025:4440

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/

url

reference_url

reference_id

RHSA-2025:4508

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/

url

reference_url

reference_id

RHSA-2025:4560

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/

url

reference_url

reference_id

RHSA-2025:4568

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/

url

reference_url

reference_id

RHSA-2025:7436

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/

url

reference_url

reference_id

RHSA-2025:8292

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:44:39Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32053.json

reference_url	https://usn.ubuntu.com/7432-1/
reference_id	USN-7432-1
reference_type
scores
url	https://usn.ubuntu.com/7432-1/

reference_url	https://usn.ubuntu.com/7565-1/
reference_id	USN-7565-1
reference_type
scores
url	https://usn.ubuntu.com/7565-1/

fixed_packages

url	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.1-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.1-1%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

aliases CVE-2025-32052

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zrmu-bwfg-e3hp

url VCID-zsdd-pzyb-nbdf

vulnerability_id VCID-zsdd-pzyb-nbdf

summary libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()

references

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32053

reference_id

reference_type

scores

value	0.01115
scoring_system	epss
scoring_elements	0.78221
published_at	2026-04-18T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78191
published_at	2026-04-13T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78223
published_at	2026-04-16T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78141
published_at	2026-04-02T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78171
published_at	2026-04-04T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78154
published_at	2026-04-07T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.7818
published_at	2026-04-08T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78186
published_at	2026-04-09T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78212
published_at	2026-04-11T12:55:00Z

value	0.01115
scoring_system	epss
scoring_elements	0.78195
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32053

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102215
reference_id	1102215
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102215

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2357070

reference_id

2357070

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2357070

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-32053

reference_id

CVE-2025-32053

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/

url

https://access.redhat.com/security/cve/CVE-2025-32053

reference_url

reference_id

RHSA-2025:4440

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/

url

reference_url

reference_id

RHSA-2025:4508

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/

url

reference_url

reference_id

RHSA-2025:4560

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/

url

reference_url

reference_id

RHSA-2025:4568

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/

url

reference_url

reference_id

RHSA-2025:7436

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/

url

reference_url

reference_id

RHSA-2025:8292

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:04:01Z/

url