NULL Pointer Dereference Vulnerability in libsoup by Red Hat
CVE-2025-32910

6.5MEDIUM

Key Information:

Vendor: Red Hat
Status: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9
Vendor: CVE Published:; 14 April 2025

Summary

A vulnerability exists in libsoup that can lead to a NULL pointer dereference when the function soup_auth_digest_authenticate() is called. This flaw may result in the libsoup client crashing when certain conditions are met. It is essential for developers and system administrators using libsoup to apply patches and mitigate risks associated with this issue to maintain the stability and security of their applications.

References

https://access.redhat.com/security/cve/CVE-2025-32910

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2359354

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 14, 2025
Vulnerability Reserved
Apr 14, 2025