vulnerability
Ubuntu: USN-7543-1 (CVE-2025-32908): libsoup vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Apr 14, 2025 | May 29, 2025 | May 30, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Apr 14, 2025
Added
May 29, 2025
Modified
May 30, 2025
Description
A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).
Solution(s)
ubuntu-pro-upgrade-libsoup-2-4-1ubuntu-pro-upgrade-libsoup-3-0-0ubuntu-pro-upgrade-libsoup2-4-1
References
- CVE-2025-32908
- https://attackerkb.com/topics/CVE-2025-32908
- UBUNTU-USN-7543-1
- URL-https://access.redhat.com/security/cve/CVE-2025-32908
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=2359343
- URL-https://gitlab.gnome.org/GNOME/libsoup/-/issues/429
- URL-https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/453
- URL-https://ubuntu.com/security/notices/USN-7543-1
- URL-https://www.cve.org/CVERecord?id=CVE-2025-32908
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.