CVE-2025-32907

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions libsoup (affected versions not specified)

Description A flaw was found in the implementation of HTTP range requests in libsoup, making it vulnerable to a resource consumption attack. This allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. The attack does not allow for a full denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1050CWE-405

Related Identifiers

ALSA-2025:7436

ALSA-2025:8128

ALSA-2025:8292

AZL-60426

AZL-60429

BDU:2025-04546

CESA-2025_8292

CVE-2025-32907

DLA-4140-1

INFSA-2025_7436

INFSA-2025_8292

MGASA-2025-0261

OESA-2025-1485

OPENSUSE-SU-2025:15043-1

OPENSUSE-SU-2025:15044-1

OPENSUSE-SU-2025_1503-1

OPENSUSE-SU-2025_1504-1

OPENSUSE-SU-2025_1509-1

OPENSUSE-SU-2025_1510-1

RHSA-2025:4439

RHSA-2025:4440

RHSA-2025:4508

RHSA-2025:7436

RHSA-2025:8128

RHSA-2025:8292

RHSA-2025_7436

RHSA-2025_8292

SUSE-SU-2025:01503-1

SUSE-SU-2025:01504-1

SUSE-SU-2025:1503-1

SUSE-SU-2025:1504-1

SUSE-SU-2025:1509-1

SUSE-SU-2025:1510-1

SUSE-SU-2025:1518-1

SUSE-SU-2025:1519-1

SUSE-SU-2025:20375-1

SUSE-SU-2025:20446-1

USN-7643-1

Affected Products

Almalinux

Astra Linux

Centos

Debian

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

Libsoup

CVE-2025-32907

Weakness Enumeration

Related Identifiers

Affected Products

References · 155