A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.
{
"cwe_ids": [
"CWE-476"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/32xxx/CVE-2025-32909.json",
"cna_assigner": "redhat"
}"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-32909.json"
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"281936149324709056643396573617539596701",
"37306503631334137803149435341106799958",
"81340554500924600413249182364185110231",
"288209360692215489362252233406715107748"
]
},
"source": "https://gitlab.gnome.org/gnome/libsoup@ea16eeacb052e423eb5c3b0b705e5eab34b13832",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2025-32909-59f62549",
"signature_version": "v1",
"target": {
"file": "libsoup/auth/soup-auth-digest.c"
}
},
{
"digest": {
"length": 393.0,
"function_hash": "193447911690467284479937608647285939307"
},
"source": "https://gitlab.gnome.org/gnome/libsoup@ea16eeacb052e423eb5c3b0b705e5eab34b13832",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2025-32909-fab21130",
"signature_version": "v1",
"target": {
"file": "libsoup/auth/soup-auth-digest.c",
"function": "soup_auth_digest_finalize"
}
}
]
"2026-07-15T01:27:56Z"