{"url":"http://public2.vulnerablecode.io/api/packages/928655?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2%2Bdeb11u3?distro=trixie","type":"deb","namespace":"debian","name":"libsoup2.4","version":"2.72.0-2+deb11u3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.74.3-8.1","latest_non_vulnerable_version":"2.74.3-10","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69632?format=json","vulnerability_id":"VCID-7hhg-3u9v-nqfw","summary":"libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4945.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4945","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52825","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52857","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52867","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52829","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52803","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.5283","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52797","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52849","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52843","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52893","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52877","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52862","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52898","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52905","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.52889","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4945"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106205","reference_id":"1106205","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106205"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106375","reference_id":"1106375","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106375"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367175","reference_id":"2367175","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367175"},{"reference_url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/448","reference_id":"448","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/448"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-4945","reference_id":"CVE-2025-4945","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19713","reference_id":"RHSA-2025:19713","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19714","reference_id":"RHSA-2025:19714","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19720","reference_id":"RHSA-2025:19720","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20959","reference_id":"RHSA-2025:20959","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21032","reference_id":"RHSA-2025:21032","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21655","reference_id":"RHSA-2025:21655","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21656","reference_id":"RHSA-2025:21656","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21657","reference_id":"RHSA-2025:21657","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21664","reference_id":"RHSA-2025:21664","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21665","reference_id":"RHSA-2025:21665","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21666","reference_id":"RHSA-2025:21666","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21772","reference_id":"RHSA-2025:21772","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22013","reference_id":"RHSA-2025:22013","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T18:15:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22013"},{"reference_url":"https://usn.ubuntu.com/7643-1/","reference_id":"USN-7643-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7643-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928645?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-htuv-qv35-gycj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928655?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%252Bdeb11u3%3Fdistro=trixie"}],"aliases":["CVE-2025-4945"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7hhg-3u9v-nqfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69571?format=json","vulnerability_id":"VCID-9uua-rxjd-fkf6","summary":"libsoup: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4969.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4969.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4969","reference_id":"","reference_type":"","scores":[{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68122","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68481","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68558","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68607","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68613","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68618","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68597","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.685","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68477","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68527","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68545","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68571","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68559","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68528","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68568","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68581","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4969"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106248","reference_id":"1106248","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106248"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106325","reference_id":"1106325","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106325"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367552","reference_id":"2367552","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T10:19:28Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367552"},{"reference_url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/447","reference_id":"447","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T10:19:28Z/"}],"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/447"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-4969","reference_id":"CVE-2025-4969","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T10:19:28Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-4969"},{"reference_url":"https://usn.ubuntu.com/7643-1/","reference_id":"USN-7643-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7643-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928645?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-htuv-qv35-gycj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928655?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%252Bdeb11u3%3Fdistro=trixie"}],"aliases":["CVE-2025-4969"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uua-rxjd-fkf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69633?format=json","vulnerability_id":"VCID-rd74-1427-eybf","summary":"libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4948.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4948.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4948","reference_id":"","reference_type":"","scores":[{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76941","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76903","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.7691","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76922","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76912","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76778","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76807","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76787","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76819","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76858","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76837","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76831","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76875","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.7688","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.76871","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4948"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106204","reference_id":"1106204","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106204"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106337","reference_id":"1106337","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106337"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367183","reference_id":"2367183","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367183"},{"reference_url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/449","reference_id":"449","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/449"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_eus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-4948","reference_id":"CVE-2025-4948","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21657","reference_id":"RHSA-2025:21657","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8126","reference_id":"RHSA-2025:8126","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8128","reference_id":"RHSA-2025:8128","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8132","reference_id":"RHSA-2025:8132","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8139","reference_id":"RHSA-2025:8139","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8140","reference_id":"RHSA-2025:8140","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8252","reference_id":"RHSA-2025:8252","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8480","reference_id":"RHSA-2025:8480","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8481","reference_id":"RHSA-2025:8481","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8482","reference_id":"RHSA-2025:8482","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8663","reference_id":"RHSA-2025:8663","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9179","reference_id":"RHSA-2025:9179","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T16:53:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9179"},{"reference_url":"https://usn.ubuntu.com/7643-1/","reference_id":"USN-7643-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7643-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928645?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-htuv-qv35-gycj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928655?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%252Bdeb11u3%3Fdistro=trixie"}],"aliases":["CVE-2025-4948"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rd74-1427-eybf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69773?format=json","vulnerability_id":"VCID-sabm-gujq-j3fb","summary":"libsoup: Null pointer dereference in libsoup may lead to Denial Of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4476.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4476.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4476","reference_id":"","reference_type":"","scores":[{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49594","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49578","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49596","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49643","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49641","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49611","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49601","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.4957","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49486","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49557","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49612","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49606","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00263","scoring_system":"epss","scoring_elements":"0.49623","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54127","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4476"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105887","reference_id":"1105887","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105887"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107757","reference_id":"1107757","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107757"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2366513","reference_id":"2366513","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T15:04:45Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-16T18:08:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2366513"},{"reference_url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/440","reference_id":"440","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T15:04:45Z/"}],"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/440"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-4476","reference_id":"CVE-2025-4476","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-16T18:08:10Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T15:04:45Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-4476"},{"reference_url":"https://usn.ubuntu.com/7543-1/","reference_id":"USN-7543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7543-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928645?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-htuv-qv35-gycj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928655?format=json","purl":"pkg:deb/debian/libsoup2.4@2.72.0-2%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%252Bdeb11u3%3Fdistro=trixie"}],"aliases":["CVE-2025-4476"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sabm-gujq-j3fb"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup2.4@2.72.0-2%252Bdeb11u3%3Fdistro=trixie"}