Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:rpm/redhat/libsoup@2.72.0-8.el9_2?arch=4
purl pkg:rpm/redhat/libsoup@2.72.0-8.el9_2?arch=4
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (9)
Vulnerability Summary Fixed by
VCID-24tr-cene-gfch
Aliases:
CVE-2025-32911
libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value There are no reported fixed by versions.
VCID-4m39-v7d7-1ba7
Aliases:
CVE-2025-32050
libsoup: Integer overflow in append_param_quoted There are no reported fixed by versions.
VCID-4scr-ppqy-5ugf
Aliases:
CVE-2025-32907
libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header There are no reported fixed by versions.
VCID-htuv-qv35-gycj
Aliases:
CVE-2025-46420
libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c There are no reported fixed by versions.
VCID-ku6w-4wsv-qbe4
Aliases:
CVE-2025-32906
libsoup: Out of bounds reads in soup_headers_parse_request() There are no reported fixed by versions.
VCID-su51-s55e-hqdh
Aliases:
CVE-2025-46421
libsoup: Information disclosure may leads libsoup client sends Authorization header to a different host when being redirected by a server There are no reported fixed by versions.
VCID-zhp7-2ks9-m7es
Aliases:
CVE-2025-32913
libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header There are no reported fixed by versions.
VCID-zrmu-bwfg-e3hp
Aliases:
CVE-2025-32052
libsoup: Heap buffer overflow in sniff_unknown() There are no reported fixed by versions.
VCID-zsdd-pzyb-nbdf
Aliases:
CVE-2025-32053
libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:41:25.318921+00:00 RedHat Importer Affected by VCID-zsdd-pzyb-nbdf https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32053.json 38.0.0
2026-04-01T13:41:25.184738+00:00 RedHat Importer Affected by VCID-zrmu-bwfg-e3hp https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32052.json 38.0.0
2026-04-01T13:41:25.024255+00:00 RedHat Importer Affected by VCID-4m39-v7d7-1ba7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32050.json 38.0.0
2026-04-01T13:40:56.568594+00:00 RedHat Importer Affected by VCID-zhp7-2ks9-m7es https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32913.json 38.0.0
2026-04-01T13:40:56.163683+00:00 RedHat Importer Affected by VCID-24tr-cene-gfch https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32911.json 38.0.0
2026-04-01T13:40:55.855005+00:00 RedHat Importer Affected by VCID-4scr-ppqy-5ugf https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32907.json 38.0.0
2026-04-01T13:40:55.567995+00:00 RedHat Importer Affected by VCID-ku6w-4wsv-qbe4 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32906.json 38.0.0
2026-04-01T13:40:42.280686+00:00 RedHat Importer Affected by VCID-htuv-qv35-gycj https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46420.json 38.0.0
2026-04-01T13:40:42.011174+00:00 RedHat Importer Affected by VCID-su51-s55e-hqdh https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46421.json 38.0.0