vulnerability
Rocky Linux: CVE-2025-11021: libsoup3 (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:C/I:N/A:N) | Nov 21, 2025 | Feb 5, 2026 | Feb 5, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published
Nov 21, 2025
Added
Feb 5, 2026
Modified
Feb 5, 2026
Description
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago.
Solutions
rocky-upgrade-libsouprocky-upgrade-libsoup-debuginforocky-upgrade-libsoup-debugsourcerocky-upgrade-libsoup-develrocky-upgrade-libsoup3rocky-upgrade-libsoup3-debuginforocky-upgrade-libsoup3-debugsourcerocky-upgrade-libsoup3-devel
References
- CVE-2025-11021
- https://attackerkb.com/topics/CVE-2025-11021
- CWE-125
- URL-https://errata.rockylinux.org/RLSA-2025:18183
- URL-https://errata.rockylinux.org/RLSA-2025:19713
- URL-https://errata.rockylinux.org/RLSA-2025:19714
- URL-https://errata.rockylinux.org/RLSA-2025:20959
- URL-https://errata.rockylinux.org/RLSA-2025:21032
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.