High severity7.5NVD Advisory· Published Apr 14, 2025· Updated Apr 15, 2026
CVE-2025-32908
CVE-2025-32908
Description
A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- osv-coords9 versionspkg:rpm/almalinux/libsoup3pkg:rpm/almalinux/libsoup3-develpkg:rpm/almalinux/libsoup3-docpkg:rpm/opensuse/libsoup&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/libsoup&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Micro%206.1
< 3.6.5-3.el10_0+ 8 more
- (no CPE)range: < 3.6.5-3.el10_0
- (no CPE)range: < 3.6.5-3.el10_0
- (no CPE)range: < 3.6.5-3.el10_0
- (no CPE)range: < 3.4.4-150600.3.7.1
- (no CPE)range: < 3.6.5-2.1
- (no CPE)range: < 3.4.4-150600.3.7.1
- (no CPE)range: < 3.4.4-150600.3.7.1
- (no CPE)range: < 3.4.2-6.1
- (no CPE)range: < 3.4.4-slfo.1.1_3.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.