Critical severity9.0NVD Advisory· Published Apr 15, 2025· Updated Apr 15, 2026

CVE-2025-32911

Description

A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2025:21657nvd
access.redhat.com/errata/RHSA-2025:4439nvd
access.redhat.com/errata/RHSA-2025:4440nvd
access.redhat.com/errata/RHSA-2025:4508nvd
access.redhat.com/errata/RHSA-2025:4538nvd
access.redhat.com/errata/RHSA-2025:4560nvd
access.redhat.com/errata/RHSA-2025:4568nvd
access.redhat.com/errata/RHSA-2025:4609nvd
access.redhat.com/errata/RHSA-2025:4624nvd
access.redhat.com/errata/RHSA-2025:7436nvd
access.redhat.com/errata/RHSA-2025:8292nvd
access.redhat.com/errata/RHSA-2025:9179nvd
access.redhat.com/security/cve/CVE-2025-32911nvd
bugzilla.redhat.com/show_bug.cginvd
lists.debian.org/debian-lts-announce/2025/04/msg00036.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000