← voltar
CVE-2025-2784

Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content

CVSS 7 HIGHEPSS 0.7%CWE-125
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
03 abr 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Produtos afetados
libsoupRed Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9.4 Extended Update Support

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://access.redhat.com/errata/RHSA-2025:21657https://access.redhat.com/errata/RHSA-2025:7505https://access.redhat.com/errata/RHSA-2025:8126https://access.redhat.com/errata/RHSA-2025:8132https://access.redhat.com/errata/RHSA-2025:8139https://access.redhat.com/errata/RHSA-2025:8140https://access.redhat.com/errata/RHSA-2025:8252https://access.redhat.com/errata/RHSA-2025:8480https://access.redhat.com/errata/RHSA-2025:8481https://access.redhat.com/errata/RHSA-2025:8482https://access.redhat.com/errata/RHSA-2025:8663https://access.redhat.com/errata/RHSA-2025:9179