VulnerableCode Package Details - pkg:deb/debian/libsoup3@3.6.4-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-24tr-cene-gfch	libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value	CVE-2025-32911
VCID-athp-xk5g-jbhu	libsoup: NULL Pointer Dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c	CVE-2025-32909
VCID-f481-8mb7-dbed	libsoup: Null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication	CVE-2025-32910
VCID-htuv-qv35-gycj	libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c	CVE-2025-46420
VCID-zhp7-2ks9-m7es	libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header	CVE-2025-32913

Vulnerability

Summary

Aliases

VCID-24tr-cene-gfch

libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value

CVE-2025-32911

VCID-athp-xk5g-jbhu

libsoup: NULL Pointer Dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c

CVE-2025-32909

VCID-f481-8mb7-dbed

libsoup: Null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication

CVE-2025-32910

VCID-htuv-qv35-gycj

libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c

CVE-2025-46420

VCID-zhp7-2ks9-m7es

libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header

CVE-2025-32913

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:57:33.240154+00:00	Debian Importer	Fixing	VCID-athp-xk5g-jbhu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:49:59.734674+00:00	Debian Importer	Fixing	VCID-f481-8mb7-dbed	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:42:24.289522+00:00	Debian Importer	Fixing	VCID-htuv-qv35-gycj	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:27:59.318805+00:00	Debian Importer	Fixing	VCID-24tr-cene-gfch	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:54:05.216758+00:00	Debian Importer	Fixing	VCID-athp-xk5g-jbhu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:48:22.848633+00:00	Debian Importer	Fixing	VCID-f481-8mb7-dbed	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:42:39.861447+00:00	Debian Importer	Fixing	VCID-htuv-qv35-gycj	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:18:47.841182+00:00	Debian Importer	Fixing	VCID-24tr-cene-gfch	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:29:39.575641+00:00	Debian Importer	Fixing	VCID-htuv-qv35-gycj	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:39.429363+00:00	Debian Importer	Fixing	VCID-zhp7-2ks9-m7es	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:39.350255+00:00	Debian Importer	Fixing	VCID-24tr-cene-gfch	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:39.308688+00:00	Debian Importer	Fixing	VCID-f481-8mb7-dbed	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:29:39.267480+00:00	Debian Importer	Fixing	VCID-athp-xk5g-jbhu	https://security-tracker.debian.org/tracker/data/json	38.1.0