ГлавнаяУязвимости → CVE-2025-2784
7высокая

CVE-2025-2784

→ есть в БДУ: BDU:2025-05737 (на русском)
Описание (на английском; русское — в БДУ выше)

A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.

Затрагиваемое ПО
Gnome LibsoupRedhat Codeready linux builderRedhat Codeready linux builder for arm64Redhat Codeready linux builder for arm64 eusRedhat Codeready linux builder for ibm z systemsRedhat Codeready linux builder for ibm z systems eusRedhat Codeready linux builder for power little endianRedhat Codeready linux builder for power little endian eusRedhat Enterprise linuxRedhat Enterprise linux eusRedhat Enterprise linux for arm 64Redhat Enterprise linux for arm 64 eusRedhat Enterprise linux for ibm z systemsRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endianRedhat Enterprise linux for power little endian eusRedhat Enterprise linux serverRedhat Enterprise linux server ausRedhat Enterprise linux server for power little endian update services for sap solutionsRedhat Enterprise linux server tusRedhat Enterprise linux update services for sap solutions
CVSS
Балл7 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Источники
https://access.redhat.com/errata/RHSA-2025:21657https://access.redhat.com/errata/RHSA-2025:7505https://access.redhat.com/errata/RHSA-2025:8126https://access.redhat.com/errata/RHSA-2025:8132https://access.redhat.com/errata/RHSA-2025:8139https://access.redhat.com/errata/RHSA-2025:8140https://access.redhat.com/errata/RHSA-2025:8252https://access.redhat.com/errata/RHSA-2025:8480