Denial of Service Vulnerability in libsoup WebSocket Connections by Red Hat
CVE-2025-32049

7.5HIGH

Key Information:

Summary

A flaw in the libsoup library allows the SoupWebsocketConnection to accept oversized WebSocket messages. This can result in excessive memory allocation, potentially leading to service disruptions. Administrators should review and apply mitigations to prevent exploitation.

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.