PT-2025-14756 · Libsoup+7 · Libsoup+7

Published

2024-06-21

·

Updated

2026-03-20

·

CVE-2025-32049

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions libsoup (affected versions not specified)
Description A flaw in libsoup allows the SoupWebsocketConnection to accept a large WebSocket message. This may cause libsoup to allocate memory and lead to a denial of service (DoS).
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Allocation of Resources Without Limits

Weakness Enumeration

CWE-770

Related Identifiers

ALSA-2025:8126
ALSA-2025:8128
ALSA-2025:8132
AZL-59539
AZL-59557
BDU:2025-07139
CESA-2025_8132
CVE-2025-32049
DLA-4140-1
INFSA-2025_8126
INFSA-2025_8132
MGASA-2025-0261
OPENSUSE-SU-2026:10208-1
OPENSUSE-SU-2026:10209-1
OPENSUSE-SU-2026:20354-1
OPENSUSE-SU-2026:20384-1
RHSA-2025:8126
RHSA-2025:8128
RHSA-2025:8132
RHSA-2025:8139
RHSA-2025:8140
RHSA-2025:8252
RHSA-2025:8480
RHSA-2025:8481
RHSA-2025:8482
RHSA-2025:8663
RHSA-2025:9179
RHSA-2025_8126
RHSA-2025_8132
SUSE-SU-2026:0657-1
SUSE-SU-2026:0658-1
SUSE-SU-2026:0689-1
SUSE-SU-2026:0690-1
SUSE-SU-2026:0703-1
SUSE-SU-2026:0834-1
SUSE-SU-2026:20529-1
SUSE-SU-2026:20649-1
SUSE-SU-2026:20752-1
SUSE-SU-2026:20902-1

Affected Products

Almalinux
Astra Linux
Centos
Debian
Red Hat
Red Os
Rocky Linux
Libsoup