Base Score

MEDIUM6.5

CVE-2025-32053

A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.

VectorNETWORK

Published Bysecalert@redhat.com

Published DateApr 03, 2025, 14:15

Weakness Type (CWE):CWE-126

CVSS Metrics

Base Score

6.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

LOW

Integrity (I)

NONE

Availability (A)

LOW

References

https://access.redhat.com/errata/RHSA-2025:4440
https://access.redhat.com/errata/RHSA-2025:4508
https://access.redhat.com/errata/RHSA-2025:4560
https://access.redhat.com/errata/RHSA-2025:4568
https://access.redhat.com/errata/RHSA-2025:7436
https://access.redhat.com/errata/RHSA-2025:8292
https://access.redhat.com/security/cve/CVE-2025-32053
https://bugzilla.redhat.com/show_bug.cgi?id=2357070
https://lists.debian.org/debian-lts-announce/2025/04/msg00036.html

Base Score

MEDIUM6.5

Weakness Type (CWE):CWE-126

CVSS Metrics

Base Score

6.5

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

LOW

Integrity (I)

NONE

Availability (A)

LOW