CVE-2025-4969

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-4969

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-4969.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-4969

Downstream

AZL-61945

AZL-61958

DEBIAN-CVE-2025-4969

DLA-4398-1

OESA-2025-1632

ROOT-OS-DEBIAN-12-CVE-2025-4969

SUSE-SU-2025:01794-1

SUSE-SU-2025:01801-1

SUSE-SU-2025:01802-1

SUSE-SU-2025:01812-1

SUSE-SU-2025:01817-1

SUSE-SU-2025:01864-1

SUSE-SU-2025:20453-1

SUSE-SU-2025:20598-1

UBUNTU-CVE-2025-4969

USN-7643-1

openSUSE-SU-2025:15185-1

openSUSE-SU-2025:15189-1

Related

Withdrawn

2026-01-27T04:20:13.136243Z

Published

2025-05-21T06:16:28Z

Modified

2026-03-12T02:16:44.880791580Z

Summary

[none]

Details

A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).

References

Affected packages