CVE-2025-46420
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/04/2025
Last modified:
28/07/2025
Description
A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
References to Advisories, Solutions, and Tools
- https://access.redhat.com/errata/RHSA-2025:4439
- https://access.redhat.com/errata/RHSA-2025:4440
- https://access.redhat.com/errata/RHSA-2025:4508
- https://access.redhat.com/errata/RHSA-2025:4538
- https://access.redhat.com/errata/RHSA-2025:4560
- https://access.redhat.com/errata/RHSA-2025:4568
- https://access.redhat.com/errata/RHSA-2025:4609
- https://access.redhat.com/errata/RHSA-2025:4624
- https://access.redhat.com/errata/RHSA-2025:7436
- https://access.redhat.com/security/cve/CVE-2025-46420
- https://bugzilla.redhat.com/show_bug.cgi?id=2361963
- https://gitlab.gnome.org/GNOME/libsoup/-/issues/438