Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/928667?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/928667?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie", "type": "deb", "namespace": "debian", "name": "libsoup3", "version": "3.6.5-2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.6.5-5", "latest_non_vulnerable_version": "3.6.6-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70403?format=api", "vulnerability_id": "VCID-4scr-ppqy-5ugf", "summary": "libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32907.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32907.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7687", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76864", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76906", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76911", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76839", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76851", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.76862", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7689", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01185", "scoring_system": "epss", "scoring_elements": "0.78806", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32907" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103264", "reference_id": "1103264", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103264" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103518", "reference_id": "1103518", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103518" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359342", "reference_id": "2359342", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359342" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32907", "reference_id": "CVE-2025-32907", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4439", "reference_id": "RHSA-2025:4439", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4440", "reference_id": "RHSA-2025:4440", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4508", "reference_id": "RHSA-2025:4508", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7436", "reference_id": "RHSA-2025:7436", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8128", "reference_id": "RHSA-2025:8128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8292", "reference_id": "RHSA-2025:8292", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8292" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928667?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928660?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928658?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-32907" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4scr-ppqy-5ugf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69632?format=api", "vulnerability_id": "VCID-7hhg-3u9v-nqfw", "summary": "libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52803", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52877", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52898", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52905", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52889", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.5283", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52797", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52849", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52843", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52893", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4945" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106205", "reference_id": "1106205", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106205" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106375", "reference_id": "1106375", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106375" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367175", "reference_id": "2367175", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367175" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/448", "reference_id": "448", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/448" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4945", "reference_id": "CVE-2025-4945", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19713", "reference_id": "RHSA-2025:19713", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19714", "reference_id": "RHSA-2025:19714", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19720", "reference_id": "RHSA-2025:19720", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20959", "reference_id": "RHSA-2025:20959", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21032", "reference_id": "RHSA-2025:21032", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21655", "reference_id": "RHSA-2025:21655", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21656", "reference_id": "RHSA-2025:21656", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21664", "reference_id": "RHSA-2025:21664", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21665", "reference_id": "RHSA-2025:21665", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21666", "reference_id": "RHSA-2025:21666", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21772", "reference_id": "RHSA-2025:21772", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22013", "reference_id": "RHSA-2025:22013", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22013" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928667?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928660?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928658?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4945" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7hhg-3u9v-nqfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69571?format=api", "vulnerability_id": "VCID-9uua-rxjd-fkf6", "summary": "libsoup: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4969.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4969.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68558", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68481", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68568", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68581", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.685", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68527", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68545", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68559", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4969" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106248", "reference_id": "1106248", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106248" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106325", "reference_id": "1106325", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106325" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552", "reference_id": "2367552", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T10:19:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4969", "reference_id": "CVE-2025-4969", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T10:19:28Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4969" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928667?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928660?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928658?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4969" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9uua-rxjd-fkf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69633?format=api", "vulnerability_id": "VCID-rd74-1427-eybf", "summary": "libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4948.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76831", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76875", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.7688", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76871", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76787", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76819", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76829", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00986", "scoring_system": "epss", "scoring_elements": "0.76858", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4948" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106204", "reference_id": "1106204", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106204" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106337", "reference_id": "1106337", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106337" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367183", "reference_id": "2367183", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367183" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/449", "reference_id": "449", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/449" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4948", "reference_id": "CVE-2025-4948", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8126", "reference_id": "RHSA-2025:8126", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8128", "reference_id": "RHSA-2025:8128", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8132", "reference_id": "RHSA-2025:8132", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8139", "reference_id": "RHSA-2025:8139", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8140", "reference_id": "RHSA-2025:8140", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8252", "reference_id": "RHSA-2025:8252", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8480", "reference_id": "RHSA-2025:8480", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8481", "reference_id": "RHSA-2025:8481", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8482", "reference_id": "RHSA-2025:8482", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8663", "reference_id": "RHSA-2025:8663", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9179", "reference_id": "RHSA-2025:9179", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9179" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928667?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928660?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928658?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4948" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rd74-1427-eybf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69773?format=api", "vulnerability_id": "VCID-sabm-gujq-j3fb", "summary": "libsoup: Null pointer dereference in libsoup may lead to Denial Of Service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4476.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4476.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49611", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49578", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49596", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49643", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49641", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49557", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49612", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49606", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49623", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00263", "scoring_system": "epss", "scoring_elements": "0.49594", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4476" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105887", "reference_id": "1105887", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105887" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107757", "reference_id": "1107757", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107757" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366513", "reference_id": "2366513", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-16T18:08:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366513" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4476", "reference_id": "CVE-2025-4476", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-16T18:08:10Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4476" }, { "reference_url": "https://usn.ubuntu.com/7543-1/", "reference_id": "USN-7543-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7543-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928667?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928660?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928658?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4476" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sabm-gujq-j3fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70404?format=api", "vulnerability_id": "VCID-v11f-c1ed-j7d1", "summary": "libsoup: Denial of service on libsoup through HTTP/2 server", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32908.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32908.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57398", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.5735", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57396", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57376", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57402", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57373", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57349", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.574", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57403", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57418", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32908" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103265", "reference_id": "1103265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103265" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359343", "reference_id": "2359343", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:12:19Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359343" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32908", "reference_id": "CVE-2025-32908", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:12:19Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7505", "reference_id": "RHSA-2025:7505", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:12:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7505" }, { "reference_url": "https://usn.ubuntu.com/7543-1/", "reference_id": "USN-7543-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7543-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928667?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928660?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928658?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-32908" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v11f-c1ed-j7d1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70410?format=api", "vulnerability_id": "VCID-yx68-81fu-ffar", "summary": "libsoup: OOB Read on libsoup through function \"soup_multipart_new_from_message\" in soup-multipart.c leads to crash or exit of process", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32914.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32914.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66829", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66896", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.6691", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66892", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66854", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66827", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66876", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66889", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66895", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66863", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32914" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103267", "reference_id": "1103267", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103267" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103512", "reference_id": "1103512", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103512" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359358", "reference_id": "2359358", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359358" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32914", "reference_id": "CVE-2025-32914", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21657", "reference_id": "RHSA-2025:21657", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7505", "reference_id": "RHSA-2025:7505", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8126", "reference_id": "RHSA-2025:8126", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8132", "reference_id": "RHSA-2025:8132", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8139", "reference_id": "RHSA-2025:8139", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8140", "reference_id": "RHSA-2025:8140", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8252", "reference_id": "RHSA-2025:8252", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8480", "reference_id": "RHSA-2025:8480", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8481", "reference_id": "RHSA-2025:8481", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8482", "reference_id": "RHSA-2025:8482", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8663", "reference_id": "RHSA-2025:8663", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9179", "reference_id": "RHSA-2025:9179", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T15:05:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9179" }, { "reference_url": "https://usn.ubuntu.com/7490-1/", "reference_id": "USN-7490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-1/" }, { "reference_url": "https://usn.ubuntu.com/7490-3/", "reference_id": "USN-7490-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7490-3/" }, { "reference_url": "https://usn.ubuntu.com/7643-1/", "reference_id": "USN-7643-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7643-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928667?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928660?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vz1-x5py-dkg5" }, { "vulnerability": "VCID-3zqd-pcvp-a7ed" }, { "vulnerability": "VCID-6sbg-fgfs-43b6" }, { "vulnerability": "VCID-cjwc-3fs8-17ef" }, { "vulnerability": "VCID-dnrq-3tff-nfc3" }, { "vulnerability": "VCID-ka6q-xta6-ukdp" }, { "vulnerability": "VCID-mxjn-d8v7-8ubc" }, { "vulnerability": "VCID-nbx2-3qh6-tqa3" }, { "vulnerability": "VCID-nu2x-tpra-4few" }, { "vulnerability": "VCID-sccj-juvj-5ud5" }, { "vulnerability": "VCID-tpky-j79x-pqd4" }, { "vulnerability": "VCID-vsry-jr8n-zba8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928658?format=api", "purl": "pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-32914" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yx68-81fu-ffar" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie" }