{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-4969", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-05-19T21:14:09.795Z", "datePublished": "2025-05-21T01:44:13.820Z", "dateUpdated": "2026-06-30T10:40:26.099Z"}, "containers": {"cna": {"title": "Libsoup: off-by-one out-of-bounds read in find_boundary() in soup-multipart.c", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read)."}], "affected": [{"versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.6.5"}], "packageName": "libsoup", "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libsoup3", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libsoup", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libsoup", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libsoup", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libsoup", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-4969", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552", "name": "RHBZ#2367552", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/447"}], "datePublic": "2025-05-20T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "description": "Out-of-bounds Read", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-125: Out-of-bounds Read", "timeline": [{"lang": "en", "time": "2025-05-20T16:24:36.420Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-05-20T00:00:00.000Z", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-06-30T10:40:26.099Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-21T10:19:28.565929Z", "id": "CVE-2025-4969", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-21T10:20:03.235Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-4969", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-21T10:19:28.565929Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-21T10:19:37.495Z"}}], "cna": {"title": "Libsoup: off-by-one out-of-bounds read in find_boundary() in soup-multipart.c", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.6.5"}], "packageName": "libsoup", "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "libsoup3", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "libsoup", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "libsoup", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "libsoup", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "libsoup", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2025-05-20T16:24:36.420Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-05-20T00:00:00.000Z", "value": "Made public."}], "datePublic": "2025-05-20T00:00:00.000Z", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-4969", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552", "name": "RHBZ#2367552", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/447"}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-06-30T10:40:26.099Z"}, "x_redhatCweChain": "CWE-125: Out-of-bounds Read"}}, "cveMetadata": {"cveId": "CVE-2025-4969", "state": "PUBLISHED", "dateUpdated": "2026-06-30T10:40:26.099Z", "dateReserved": "2025-05-19T21:14:09.795Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-05-21T01:44:13.820Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"affected": [{"affectedData": [{"collectionURL": "https://gitlab.gnome.org/GNOME/libsoup", "defaultStatus": "unaffected", "packageName": "libsoup", "versions": [{"lessThanOrEqual": "3.6.5", "status": "affected", "version": "0", "versionType": "semver"}]}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:10"], "defaultStatus": "affected", "packageName": "libsoup3", "product": "Red Hat Enterprise Linux 10", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:6"], "defaultStatus": "unknown", "packageName": "libsoup", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:7"], "defaultStatus": "unknown", "packageName": "libsoup", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:8"], "defaultStatus": "unknown", "packageName": "libsoup", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat"}, {"collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": ["cpe:/o:redhat:enterprise_linux:9"], "defaultStatus": "affected", "packageName": "libsoup", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat"}], "source": "secalert@redhat.com"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read)."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en el paquete libsoup. Esta falla se debe a que no verifica correctamente la terminaci\u00f3n de los mensajes HTTP multiparte. Esto puede permitir que un atacante remoto env\u00ede un cuerpo HTTP multiparte especialmente manipulado, lo que provoca que el servidor que consume libsoup lea m\u00e1s all\u00e1 de los l\u00edmites de memoria asignados (lectura fuera de los l\u00edmites)."}], "id": "CVE-2025-4969", "lastModified": "2026-06-17T09:34:24.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "secalert@redhat.com", "type": "Secondary"}], "ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2025-4969", "options": [{"exploitation": "none"}, {"automatable": "yes"}, {"technicalImpact": "partial"}], "role": "CISA Coordinator", "timestamp": "2025-05-21T10:19:28.565929Z", "version": "2.0.3"}}]}, "published": "2025-05-21T06:16:28.937", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2025-4969"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552"}, {"source": "secalert@redhat.com", "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/447"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"bugzilla": {"description": "libsoup: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c", "id": "2367552", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "status": "draft"}, "cwe": "CWE-125", "details": ["A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).", "A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read)."], "name": "CVE-2025-4969", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "libsoup3", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-4969\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-4969"], "statement": "Red Hat Product Security has rated this vulnerability as with Moderate severity. Although this flaw may be exploited by an unauthenticated attacker and through the network, the attacker has little to no control over the information leaked. Additionally, the amount of bytes improperly read is low (only one byte is improperly read per attack), which makes this flaw very difficult to exploit to exfiltrate meaningful sensitive data.", "threat_severity": "Moderate"}

{}