{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23536?format=json","vulnerability_id":"VCID-e4hj-3kra-e3f6","summary":"","aliases":[{"alias":"CVE-2025-32907"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56456?format=json","purl":"pkg:deb/debian/libsoup3@3.6.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1075601?format=json","purl":"pkg:deb/debian/libsoup3@3.6.5-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qgh-vw85-pkgw"},{"vulnerability":"VCID-6f9d-pcxz-33gv"},{"vulnerability":"VCID-8kct-xksr-nbf5"},{"vulnerability":"VCID-9bxw-6fyp-eycw"},{"vulnerability":"VCID-ax9v-tk8e-7bc6"},{"vulnerability":"VCID-eevt-zrdu-43fd"},{"vulnerability":"VCID-n1b3-xe94-buep"},{"vulnerability":"VCID-pqbf-rmhm-1bdg"},{"vulnerability":"VCID-qrv4-n5dj-e3ax"},{"vulnerability":"VCID-uagb-rqc6-mud8"},{"vulnerability":"VCID-v48a-d33y-mugv"},{"vulnerability":"VCID-wbhj-94rn-g3af"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3"},{"url":"http://public2.vulnerablecode.io/api/packages/56431?format=json","purl":"pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4qgh-vw85-pkgw"},{"vulnerability":"VCID-6f9d-pcxz-33gv"},{"vulnerability":"VCID-8kct-xksr-nbf5"},{"vulnerability":"VCID-9bxw-6fyp-eycw"},{"vulnerability":"VCID-ax9v-tk8e-7bc6"},{"vulnerability":"VCID-eevt-zrdu-43fd"},{"vulnerability":"VCID-n1b3-xe94-buep"},{"vulnerability":"VCID-pqbf-rmhm-1bdg"},{"vulnerability":"VCID-qrv4-n5dj-e3ax"},{"vulnerability":"VCID-uagb-rqc6-mud8"},{"vulnerability":"VCID-v48a-d33y-mugv"},{"vulnerability":"VCID-wbhj-94rn-g3af"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/56429?format=json","purl":"pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075600?format=json","purl":"pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2hh7-56nc-syfm"},{"vulnerability":"VCID-4qgh-vw85-pkgw"},{"vulnerability":"VCID-6f9d-pcxz-33gv"},{"vulnerability":"VCID-8kct-xksr-nbf5"},{"vulnerability":"VCID-9bxw-6fyp-eycw"},{"vulnerability":"VCID-ax9v-tk8e-7bc6"},{"vulnerability":"VCID-e4hj-3kra-e3f6"},{"vulnerability":"VCID-ecj1-rz3q-uqgd"},{"vulnerability":"VCID-eevt-zrdu-43fd"},{"vulnerability":"VCID-fkcb-rpw8-9qbg"},{"vulnerability":"VCID-jdjw-ptcn-8qgk"},{"vulnerability":"VCID-k3pu-2jhk-tyfs"},{"vulnerability":"VCID-n1b3-xe94-buep"},{"vulnerability":"VCID-pqbf-rmhm-1bdg"},{"vulnerability":"VCID-qrv4-n5dj-e3ax"},{"vulnerability":"VCID-uagb-rqc6-mud8"},{"vulnerability":"VCID-v48a-d33y-mugv"},{"vulnerability":"VCID-wbhj-94rn-g3af"},{"vulnerability":"VCID-wem7-17sp-1bc4"},{"vulnerability":"VCID-zcr3-u9tf-1fea"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/56427?format=json","purl":"pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2hh7-56nc-syfm"},{"vulnerability":"VCID-4qgh-vw85-pkgw"},{"vulnerability":"VCID-6f9d-pcxz-33gv"},{"vulnerability":"VCID-8kct-xksr-nbf5"},{"vulnerability":"VCID-9bxw-6fyp-eycw"},{"vulnerability":"VCID-ax9v-tk8e-7bc6"},{"vulnerability":"VCID-e4hj-3kra-e3f6"},{"vulnerability":"VCID-ecj1-rz3q-uqgd"},{"vulnerability":"VCID-eevt-zrdu-43fd"},{"vulnerability":"VCID-fkcb-rpw8-9qbg"},{"vulnerability":"VCID-jdjw-ptcn-8qgk"},{"vulnerability":"VCID-k3pu-2jhk-tyfs"},{"vulnerability":"VCID-n1b3-xe94-buep"},{"vulnerability":"VCID-pqbf-rmhm-1bdg"},{"vulnerability":"VCID-qrv4-n5dj-e3ax"},{"vulnerability":"VCID-uagb-rqc6-mud8"},{"vulnerability":"VCID-v48a-d33y-mugv"},{"vulnerability":"VCID-wbhj-94rn-g3af"},{"vulnerability":"VCID-wem7-17sp-1bc4"},{"vulnerability":"VCID-zcr3-u9tf-1fea"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/331775?format=json","purl":"pkg:rpm/redhat/libsoup@2.72.0-8.el9_0?arch=4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-582v-xafz-zqbe"},{"vulnerability":"VCID-bqnm-n8tb-gbca"},{"vulnerability":"VCID-e4hj-3kra-e3f6"},{"vulnerability":"VCID-edrj-n7em-xkbs"},{"vulnerability":"VCID-fkcb-rpw8-9qbg"},{"vulnerability":"VCID-m5gn-nu9u-e7ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_0%3Farch=4"},{"url":"http://public2.vulnerablecode.io/api/packages/331773?format=json","purl":"pkg:rpm/redhat/libsoup@2.72.0-8.el9_2?arch=4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4j-bpr7-afex"},{"vulnerability":"VCID-582v-xafz-zqbe"},{"vulnerability":"VCID-bqnm-n8tb-gbca"},{"vulnerability":"VCID-e4hj-3kra-e3f6"},{"vulnerability":"VCID-edrj-n7em-xkbs"},{"vulnerability":"VCID-fkcb-rpw8-9qbg"},{"vulnerability":"VCID-m5gn-nu9u-e7ew"},{"vulnerability":"VCID-s31n-19xp-hyex"},{"vulnerability":"VCID-tj7x-mfwv-t3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_2%3Farch=4"},{"url":"http://public2.vulnerablecode.io/api/packages/331770?format=json","purl":"pkg:rpm/redhat/libsoup@2.72.0-8.el9_4?arch=4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4j-bpr7-afex"},{"vulnerability":"VCID-582v-xafz-zqbe"},{"vulnerability":"VCID-bqnm-n8tb-gbca"},{"vulnerability":"VCID-e4hj-3kra-e3f6"},{"vulnerability":"VCID-edrj-n7em-xkbs"},{"vulnerability":"VCID-fkcb-rpw8-9qbg"},{"vulnerability":"VCID-m5gn-nu9u-e7ew"},{"vulnerability":"VCID-s31n-19xp-hyex"},{"vulnerability":"VCID-tj7x-mfwv-t3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_4%3Farch=4"},{"url":"http://public2.vulnerablecode.io/api/packages/331769?format=json","purl":"pkg:rpm/redhat/libsoup@2.72.0-10.el9_6?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4j-bpr7-afex"},{"vulnerability":"VCID-582v-xafz-zqbe"},{"vulnerability":"VCID-bqnm-n8tb-gbca"},{"vulnerability":"VCID-e4hj-3kra-e3f6"},{"vulnerability":"VCID-edrj-n7em-xkbs"},{"vulnerability":"VCID-fkcb-rpw8-9qbg"},{"vulnerability":"VCID-m5gn-nu9u-e7ew"},{"vulnerability":"VCID-s31n-19xp-hyex"},{"vulnerability":"VCID-tj7x-mfwv-t3hh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-10.el9_6%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/331553?format=json","purl":"pkg:rpm/redhat/libsoup3@3.6.5-3.el10_0?arch=6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e4hj-3kra-e3f6"},{"vulnerability":"VCID-ecj1-rz3q-uqgd"},{"vulnerability":"VCID-jd9c-a4s4-3fed"},{"vulnerability":"VCID-xmqx-qack-5bgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup3@3.6.5-3.el10_0%3Farch=6"},{"url":"http://public2.vulnerablecode.io/api/packages/331847?format=json","purl":"pkg:rpm/redhat/mingw-freetype@2.8-3.el8_10?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1q4d-qv4f-jkg9"},{"vulnerability":"VCID-3m4j-bpr7-afex"},{"vulnerability":"VCID-d9t2-dgu2-5fhb"},{"vulnerability":"VCID-e4hj-3kra-e3f6"},{"vulnerability":"VCID-edrj-n7em-xkbs"},{"vulnerability":"VCID-fkcb-rpw8-9qbg"},{"vulnerability":"VCID-m5gn-nu9u-e7ew"},{"vulnerability":"VCID-s31n-19xp-hyex"},{"vulnerability":"VCID-tj7x-mfwv-t3hh"},{"vulnerability":"VCID-zuqs-mqzj-fuf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mingw-freetype@2.8-3.el8_10%3Farch=1"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32907.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32907","reference_id":"","reference_type":"","scores":[{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.45001","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44849","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44999","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.45013","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32907"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103264","reference_id":"1103264","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103264"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103518","reference_id":"1103518","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103518"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-32907","reference_id":"CVE-2025-32907","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-32907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4439","reference_id":"RHSA-2025:4439","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:4439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4440","reference_id":"RHSA-2025:4440","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:4440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4508","reference_id":"RHSA-2025:4508","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:4508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7436","reference_id":"RHSA-2025:7436","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8128","reference_id":"RHSA-2025:8128","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8292","reference_id":"RHSA-2025:8292","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8292"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359342","reference_id":"show_bug.cgi?id=2359342","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T14:13:20Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359342"},{"reference_url":"https://usn.ubuntu.com/7643-1/","reference_id":"USN-7643-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7643-1/"}],"weaknesses":[{"cwe_id":1050,"name":"Excessive Platform Resource Consumption within a Loop","description":"The product has a loop body or loop condition that contains a control element that directly or indirectly consumes platform resources, e.g. messaging, sessions, locks, or file descriptors."}],"exploits":[],"severity_range_score":"5.3 - 7.5","exploitability":"0.5","weighted_severity":"4.8","risk_score":2.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4hj-3kra-e3f6"}