VDB

DEBIAN-CVE-2025-32911

DEBIAN-CVE-2025-32911 PUBLISHED CVSS 9 CRITICAL

A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.

Risk Scores

CVSS 3.1
9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersions
Debian:12libsoup30, 3.2.2-2, 0
Debian:14libsoup30, 0
Debian:13libsoup2.40, 0
Debian:12libsoup2.42.74.3-8.1, 2.74.3-3.1, 2.74.3-3.1
Debian:11libsoup2.42.72.0-2, 2.72.0-2, 0
Debian:13libsoup30, 0

Timeline

  • Apr 15, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›