Vulnerability-Lookup

CVE-2025-32053 (GCVE-0-2025-32053)

Vulnerability from cvelistv5 – Published: 2025-04-03 13:37 – Updated: 2025-11-06 23:08

Title

Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()

Summary

A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-126 - Buffer Over-read

Assigner

redhat

References

9 references

URL	Tags
https://access.redhat.com/errata/RHSA-2025:4440	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8292	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32053	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2357070	issue-trackingx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025…

Impacted products

11 products

Vendor	Product	Version
		Affected: 0 , < 3.6.1 (semver)
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:2.62.3-8.el8_10 , < * (rpm) cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:2.8-3.el8_10.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:8.10-1 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 0:2.62.3-3.el8_8.4 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream cpe:/o:redhat:rhel_eus:8.8::baseos
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:2.72.0-10.el9_6.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:2.72.0-8.el9_2.4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:2.72.0-8.el9_4.4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7

Date Public

2025-04-03 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32053",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T14:04:01.420300Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T14:04:16.262Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:53:16.968Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00036.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-06T23:08:09.589Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32053"
        },
        {
          "name": "RHBZ#2357070",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357070"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-03T01:16:47.321Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-03T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32053",
    "datePublished": "2025-04-03T13:37:39.054Z",
    "dateReserved": "2025-04-03T01:42:14.135Z",
    "dateUpdated": "2025-11-06T23:08:09.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-32053",
      "date": "2026-06-06",
      "epss": "0.00164",
      "percentile": "0.37184"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-32053\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-04-03T14:15:44.233\",\"lastModified\":\"2025-11-03T20:18:26.367\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en libsoup. Una vulnerabilidad en las funciones sniff_feed_or_html() y skip_insignificant_space() podr\u00eda provocar una sobrelectura del b\u00fafer del mont\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-126\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2025:4440\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:4508\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:4560\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:4568\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:7436\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:8292\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-32053\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2357070\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/04/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/04/msg00036.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T19:53:16.968Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-32053\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-03T14:04:01.420300Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-03T14:04:08.811Z\"}}], \"cna\": {\"title\": \"Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"3.6.1\", \"versionType\": \"semver\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://gitlab.gnome.org/GNOME/libsoup/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\", \"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-8.el8_10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::crb\", \"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.8-3.el8_10.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"mingw-freetype\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::crb\", \"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\", \"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-8.el8_10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:8.8::appstream\", \"cpe:/o:redhat:rhel_eus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-3.el8_8.4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.72.0-10.el9_6.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.72.0-8.el9_2.4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.4 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.72.0-8.el9_4.4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"libsoup3\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-04-03T01:16:47.321000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-04-03T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-04-03T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2025:4440\", \"name\": \"RHSA-2025:4440\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:4508\", \"name\": \"RHSA-2025:4508\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:4560\", \"name\": \"RHSA-2025:4560\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:4568\", \"name\": \"RHSA-2025:4568\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:7436\", \"name\": \"RHSA-2025:7436\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:8292\", \"name\": \"RHSA-2025:8292\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2025-32053\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2357070\", \"name\": \"RHBZ#2357070\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"No mitigation is currently available for this vulnerability.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-126\", \"description\": \"Buffer Over-read\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-06T23:08:09.589Z\"}, \"x_redhatCweChain\": \"CWE-126: Buffer Over-read\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-32053\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-06T23:08:09.589Z\", \"dateReserved\": \"2025-04-03T01:42:14.135Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-04-03T13:37:39.054Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

SUSE-SU-2025:1519-1

Vulnerability from csaf_suse - Published: 2025-05-09 00:07 - Updated: 2025-05-09 00:07

Summary

Security update for libsoup

Severity

Important

Notes

Title of the patch: Security update for libsoup

Description of the patch: This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750) - CVE-2025-32050: Fixed Integer overflow in append_param_quoted (bsc#1240752) - CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) - CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) - CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) - CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) - CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) - CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)

Patchnames: SUSE-2025-1519,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1519,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1519,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1519,SUSE-SUSE-MicroOS-5.2-2025-1519,SUSE-Storage-7.1-2025-1519

CVE-2025-2784

7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 37 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32050

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 37 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32052

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected products

Recommended 37 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32053

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected products

Recommended 37 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32907

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 37 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32914

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 37 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-46420

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 37 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-46421

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 37 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

36 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2025…	self
https://bugzilla.suse.com/1240750	self
https://bugzilla.suse.com/1240752	self
https://bugzilla.suse.com/1240756	self
https://bugzilla.suse.com/1240757	self
https://bugzilla.suse.com/1241164	self
https://bugzilla.suse.com/1241222	self
https://bugzilla.suse.com/1241686	self
https://bugzilla.suse.com/1241688	self
https://www.suse.com/security/cve/CVE-2025-2784/	self
https://www.suse.com/security/cve/CVE-2025-32050/	self
https://www.suse.com/security/cve/CVE-2025-32052/	self
https://www.suse.com/security/cve/CVE-2025-32053/	self
https://www.suse.com/security/cve/CVE-2025-32907/	self
https://www.suse.com/security/cve/CVE-2025-32914/	self
https://www.suse.com/security/cve/CVE-2025-46420/	self
https://www.suse.com/security/cve/CVE-2025-46421/	self
https://www.suse.com/security/cve/CVE-2025-2784	external
https://bugzilla.suse.com/1240750	external
https://www.suse.com/security/cve/CVE-2025-32050	external
https://bugzilla.suse.com/1240752	external
https://www.suse.com/security/cve/CVE-2025-32052	external
https://bugzilla.suse.com/1240756	external
https://www.suse.com/security/cve/CVE-2025-32053	external
https://bugzilla.suse.com/1240757	external
https://www.suse.com/security/cve/CVE-2025-32907	external
https://bugzilla.suse.com/1241222	external
https://www.suse.com/security/cve/CVE-2025-32914	external
https://bugzilla.suse.com/1241164	external
https://www.suse.com/security/cve/CVE-2025-46420	external
https://bugzilla.suse.com/1241686	external
https://www.suse.com/security/cve/CVE-2025-46421	external
https://bugzilla.suse.com/1241688	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for libsoup",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for libsoup fixes the following issues:\n\n - CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750)\n - CVE-2025-32050: Fixed Integer overflow in append_param_quoted (bsc#1240752)\n - CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756)\n - CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757)\n - CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222)\n - CVE-2025-32914: Fixed out of bounds read  in `soup_multipart_new_from_message()` (bsc#1241164)\n - CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686)\n - CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-1519,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1519,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1519,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1519,SUSE-SUSE-MicroOS-5.2-2025-1519,SUSE-Storage-7.1-2025-1519",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1519-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:1519-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251519-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:1519-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039192.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240750",
        "url": "https://bugzilla.suse.com/1240750"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240752",
        "url": "https://bugzilla.suse.com/1240752"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240756",
        "url": "https://bugzilla.suse.com/1240756"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240757",
        "url": "https://bugzilla.suse.com/1240757"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241164",
        "url": "https://bugzilla.suse.com/1241164"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241222",
        "url": "https://bugzilla.suse.com/1241222"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241686",
        "url": "https://bugzilla.suse.com/1241686"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241688",
        "url": "https://bugzilla.suse.com/1241688"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-2784 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-2784/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32050 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32050/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32052 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32052/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32053 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32053/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32907 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32907/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32914 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32914/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46420 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46420/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46421 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46421/"
      }
    ],
    "title": "Security update for libsoup",
    "tracking": {
      "current_release_date": "2025-05-09T00:07:45Z",
      "generator": {
        "date": "2025-05-09T00:07:45Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:1519-1",
      "initial_release_date": "2025-05-09T00:07:45Z",
      "revision_history": [
        {
          "date": "2025-05-09T00:07:45Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
                "product": {
                  "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
                  "product_id": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libsoup-devel-2.68.4-150200.4.6.1.aarch64",
                "product": {
                  "name": "libsoup-devel-2.68.4-150200.4.6.1.aarch64",
                  "product_id": "libsoup-devel-2.68.4-150200.4.6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
                "product": {
                  "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
                  "product_id": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-2_4-1-64bit-2.68.4-150200.4.6.1.aarch64_ilp32",
                "product": {
                  "name": "libsoup-2_4-1-64bit-2.68.4-150200.4.6.1.aarch64_ilp32",
                  "product_id": "libsoup-2_4-1-64bit-2.68.4-150200.4.6.1.aarch64_ilp32"
                }
              },
              {
                "category": "product_version",
                "name": "libsoup-devel-64bit-2.68.4-150200.4.6.1.aarch64_ilp32",
                "product": {
                  "name": "libsoup-devel-64bit-2.68.4-150200.4.6.1.aarch64_ilp32",
                  "product_id": "libsoup-devel-64bit-2.68.4-150200.4.6.1.aarch64_ilp32"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64_ilp32"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.i586",
                "product": {
                  "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.i586",
                  "product_id": "libsoup-2_4-1-2.68.4-150200.4.6.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "libsoup-devel-2.68.4-150200.4.6.1.i586",
                "product": {
                  "name": "libsoup-devel-2.68.4-150200.4.6.1.i586",
                  "product_id": "libsoup-devel-2.68.4-150200.4.6.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.i586",
                "product": {
                  "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.i586",
                  "product_id": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-lang-2.68.4-150200.4.6.1.noarch",
                "product": {
                  "name": "libsoup-lang-2.68.4-150200.4.6.1.noarch",
                  "product_id": "libsoup-lang-2.68.4-150200.4.6.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
                "product": {
                  "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
                  "product_id": "libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
                "product": {
                  "name": "libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
                  "product_id": "libsoup-devel-2.68.4-150200.4.6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
                "product": {
                  "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
                  "product_id": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
                "product": {
                  "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
                  "product_id": "libsoup-2_4-1-2.68.4-150200.4.6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libsoup-devel-2.68.4-150200.4.6.1.s390x",
                "product": {
                  "name": "libsoup-devel-2.68.4-150200.4.6.1.s390x",
                  "product_id": "libsoup-devel-2.68.4-150200.4.6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
                "product": {
                  "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
                  "product_id": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
                "product": {
                  "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
                  "product_id": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libsoup-2_4-1-32bit-2.68.4-150200.4.6.1.x86_64",
                "product": {
                  "name": "libsoup-2_4-1-32bit-2.68.4-150200.4.6.1.x86_64",
                  "product_id": "libsoup-2_4-1-32bit-2.68.4-150200.4.6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libsoup-devel-2.68.4-150200.4.6.1.x86_64",
                "product": {
                  "name": "libsoup-devel-2.68.4-150200.4.6.1.x86_64",
                  "product_id": "libsoup-devel-2.68.4-150200.4.6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libsoup-devel-32bit-2.68.4-150200.4.6.1.x86_64",
                "product": {
                  "name": "libsoup-devel-32bit-2.68.4-150200.4.6.1.x86_64",
                  "product_id": "libsoup-devel-32bit-2.68.4-150200.4.6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
                "product": {
                  "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
                  "product_id": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.2",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.2",
                  "product_id": "SUSE Linux Enterprise Micro 5.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-microos:5.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 7.1",
                "product": {
                  "name": "SUSE Enterprise Storage 7.1",
                  "product_id": "SUSE Enterprise Storage 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:7.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-lang-2.68.4-150200.4.6.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch"
        },
        "product_reference": "libsoup-lang-2.68.4-150200.4.6.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-lang-2.68.4-150200.4.6.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch"
        },
        "product_reference": "libsoup-lang-2.68.4-150200.4.6.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-lang-2.68.4-150200.4.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch"
        },
        "product_reference": "libsoup-lang-2.68.4-150200.4.6.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
          "product_id": "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
          "product_id": "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
          "product_id": "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-devel-2.68.4-150200.4.6.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "libsoup-devel-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-lang-2.68.4-150200.4.6.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch"
        },
        "product_reference": "libsoup-lang-2.68.4-150200.4.6.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        },
        "product_reference": "typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-2784",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-2784"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-2784",
          "url": "https://www.suse.com/security/cve/CVE-2025-2784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240750 for CVE-2025-2784",
          "url": "https://bugzilla.suse.com/1240750"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-09T00:07:45Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-2784"
    },
    {
      "cve": "CVE-2025-32050",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32050"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32050",
          "url": "https://www.suse.com/security/cve/CVE-2025-32050"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240752 for CVE-2025-32050",
          "url": "https://bugzilla.suse.com/1240752"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-09T00:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32050"
    },
    {
      "cve": "CVE-2025-32052",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32052"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32052",
          "url": "https://www.suse.com/security/cve/CVE-2025-32052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240756 for CVE-2025-32052",
          "url": "https://bugzilla.suse.com/1240756"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-09T00:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32052"
    },
    {
      "cve": "CVE-2025-32053",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32053"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32053",
          "url": "https://www.suse.com/security/cve/CVE-2025-32053"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240757 for CVE-2025-32053",
          "url": "https://bugzilla.suse.com/1240757"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-09T00:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32053"
    },
    {
      "cve": "CVE-2025-32907",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32907"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a full denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32907",
          "url": "https://www.suse.com/security/cve/CVE-2025-32907"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241222 for CVE-2025-32907",
          "url": "https://bugzilla.suse.com/1241222"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-09T00:07:45Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32907"
    },
    {
      "cve": "CVE-2025-32914",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32914"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32914",
          "url": "https://www.suse.com/security/cve/CVE-2025-32914"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241164 for CVE-2025-32914",
          "url": "https://bugzilla.suse.com/1241164"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-09T00:07:45Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32914"
    },
    {
      "cve": "CVE-2025-46420",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46420"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46420",
          "url": "https://www.suse.com/security/cve/CVE-2025-46420"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241686 for CVE-2025-46420",
          "url": "https://bugzilla.suse.com/1241686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-09T00:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46420"
    },
    {
      "cve": "CVE-2025-46421",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46421"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46421",
          "url": "https://www.suse.com/security/cve/CVE-2025-46421"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241688 for CVE-2025-46421",
          "url": "https://bugzilla.suse.com/1241688"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Enterprise Storage 7.1:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Enterprise Storage 7.1:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Micro 5.2:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-2_4-1-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-devel-2.68.4-150200.4.6.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libsoup-lang-2.68.4-150200.4.6.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Soup-2_4-2.68.4-150200.4.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-09T00:07:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46421"
    }
  ]
}

SUSE-SU-2025:20375-1

Vulnerability from csaf_suse - Published: 2025-05-29 09:19 - Updated: 2025-05-29 09:19

Summary

Security update for libsoup

Severity

Important

Notes

Title of the patch: Security update for libsoup

Description of the patch: This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed Heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750) - CVE-2025-32050: Fixed Integer overflow in append_param_quoted (bsc#1240752) - CVE-2025-32051: Fixed Segmentation fault when parsing malformed data URI (bsc#1240754) - CVE-2025-32052: Fixed Heap buffer overflow in sniff_unknown() (bsc#1240756) - CVE-2025-32053: Fixed Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) - CVE-2025-32913: Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162) - CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) - CVE-2025-32912: Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214) - CVE-2025-32907: Fixed xcessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) - CVE-2025-32906: Fixed Out of bounds reads in soup_headers_parse_request() (bsc#1241263) - CVE-2025-32908: Fixed HTTP request may lead to server crash due to HTTP/2 server not fully validating the values of pseudo-headers (bsc#1241223) - CVE-2025-32909: Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226) - CVE-2025-32911: Fixed Double free on soup_message_headers_get_content_disposition() via "params" (bsc#1241238) - CVE-2025-32910: Fixed null pointer deference on client when server omits the 'realm' parameter in an Unauthorized response with Digest authentication (bsc#1241252) - CVE-2025-46420: Fixed Memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) - CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)

Patchnames: SUSE-SLE-Micro-6.0-340

CVE-2025-2784

7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32050

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32051

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32052

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32053

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32906

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32907

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32908

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32909

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32910

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32911

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32912

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32913

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32914

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-46420

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-46421

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

68 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2025…	self
https://bugzilla.suse.com/1240750	self
https://bugzilla.suse.com/1240752	self
https://bugzilla.suse.com/1240754	self
https://bugzilla.suse.com/1240756	self
https://bugzilla.suse.com/1240757	self
https://bugzilla.suse.com/1241162	self
https://bugzilla.suse.com/1241164	self
https://bugzilla.suse.com/1241214	self
https://bugzilla.suse.com/1241222	self
https://bugzilla.suse.com/1241223	self
https://bugzilla.suse.com/1241226	self
https://bugzilla.suse.com/1241238	self
https://bugzilla.suse.com/1241252	self
https://bugzilla.suse.com/1241263	self
https://bugzilla.suse.com/1241686	self
https://bugzilla.suse.com/1241688	self
https://www.suse.com/security/cve/CVE-2025-2784/	self
https://www.suse.com/security/cve/CVE-2025-32050/	self
https://www.suse.com/security/cve/CVE-2025-32051/	self
https://www.suse.com/security/cve/CVE-2025-32052/	self
https://www.suse.com/security/cve/CVE-2025-32053/	self
https://www.suse.com/security/cve/CVE-2025-32906/	self
https://www.suse.com/security/cve/CVE-2025-32907/	self
https://www.suse.com/security/cve/CVE-2025-32908/	self
https://www.suse.com/security/cve/CVE-2025-32909/	self
https://www.suse.com/security/cve/CVE-2025-32910/	self
https://www.suse.com/security/cve/CVE-2025-32911/	self
https://www.suse.com/security/cve/CVE-2025-32912/	self
https://www.suse.com/security/cve/CVE-2025-32913/	self
https://www.suse.com/security/cve/CVE-2025-32914/	self
https://www.suse.com/security/cve/CVE-2025-46420/	self
https://www.suse.com/security/cve/CVE-2025-46421/	self
https://www.suse.com/security/cve/CVE-2025-2784	external
https://bugzilla.suse.com/1240750	external
https://www.suse.com/security/cve/CVE-2025-32050	external
https://bugzilla.suse.com/1240752	external
https://www.suse.com/security/cve/CVE-2025-32051	external
https://bugzilla.suse.com/1240754	external
https://www.suse.com/security/cve/CVE-2025-32052	external
https://bugzilla.suse.com/1240756	external
https://www.suse.com/security/cve/CVE-2025-32053	external
https://bugzilla.suse.com/1240757	external
https://www.suse.com/security/cve/CVE-2025-32906	external
https://bugzilla.suse.com/1241263	external
https://www.suse.com/security/cve/CVE-2025-32907	external
https://bugzilla.suse.com/1241222	external
https://www.suse.com/security/cve/CVE-2025-32908	external
https://bugzilla.suse.com/1241223	external
https://www.suse.com/security/cve/CVE-2025-32909	external
https://bugzilla.suse.com/1241226	external
https://www.suse.com/security/cve/CVE-2025-32910	external
https://bugzilla.suse.com/1241252	external
https://www.suse.com/security/cve/CVE-2025-32911	external
https://bugzilla.suse.com/1241238	external
https://www.suse.com/security/cve/CVE-2025-32912	external
https://bugzilla.suse.com/1241214	external
https://www.suse.com/security/cve/CVE-2025-32913	external
https://bugzilla.suse.com/1241162	external
https://www.suse.com/security/cve/CVE-2025-32914	external
https://bugzilla.suse.com/1241164	external
https://www.suse.com/security/cve/CVE-2025-46420	external
https://bugzilla.suse.com/1241686	external
https://www.suse.com/security/cve/CVE-2025-46421	external
https://bugzilla.suse.com/1241688	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for libsoup",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for libsoup fixes the following issues:\n\n- CVE-2025-2784: Fixed Heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750)\n- CVE-2025-32050: Fixed Integer overflow in append_param_quoted (bsc#1240752)\n- CVE-2025-32051: Fixed Segmentation fault when parsing malformed data URI (bsc#1240754)\n- CVE-2025-32052: Fixed Heap buffer overflow in sniff_unknown() (bsc#1240756)\n- CVE-2025-32053: Fixed Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757)\n- CVE-2025-32913: Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162)\n- CVE-2025-32914: Fixed out of bounds read  in `soup_multipart_new_from_message()` (bsc#1241164)\n- CVE-2025-32912: Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214)\n- CVE-2025-32907: Fixed xcessive memory consumption in server when client requests a large amount of overlapping\n  ranges in a single HTTP request (bsc#1241222)\n- CVE-2025-32906: Fixed Out of bounds reads in soup_headers_parse_request() (bsc#1241263)\n- CVE-2025-32908: Fixed HTTP request may lead to server crash due to HTTP/2 server not fully validating the values\n  of pseudo-headers (bsc#1241223)\n- CVE-2025-32909: Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226)\n- CVE-2025-32911: Fixed Double free on soup_message_headers_get_content_disposition() via \"params\" (bsc#1241238)\n- CVE-2025-32910: Fixed null pointer deference on client when server omits the \u0027realm\u0027 parameter in an Unauthorized\n  response with Digest authentication (bsc#1241252)\n- CVE-2025-46420: Fixed Memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686)\n- CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.0-340",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20375-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20375-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520375-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20375-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040264.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240750",
        "url": "https://bugzilla.suse.com/1240750"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240752",
        "url": "https://bugzilla.suse.com/1240752"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240754",
        "url": "https://bugzilla.suse.com/1240754"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240756",
        "url": "https://bugzilla.suse.com/1240756"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240757",
        "url": "https://bugzilla.suse.com/1240757"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241162",
        "url": "https://bugzilla.suse.com/1241162"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241164",
        "url": "https://bugzilla.suse.com/1241164"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241214",
        "url": "https://bugzilla.suse.com/1241214"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241222",
        "url": "https://bugzilla.suse.com/1241222"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241223",
        "url": "https://bugzilla.suse.com/1241223"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241226",
        "url": "https://bugzilla.suse.com/1241226"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241238",
        "url": "https://bugzilla.suse.com/1241238"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241252",
        "url": "https://bugzilla.suse.com/1241252"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241263",
        "url": "https://bugzilla.suse.com/1241263"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241686",
        "url": "https://bugzilla.suse.com/1241686"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241688",
        "url": "https://bugzilla.suse.com/1241688"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-2784 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-2784/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32050 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32050/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32051 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32051/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32052 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32052/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32053 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32053/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32906 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32906/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32907 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32907/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32908 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32908/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32909 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32909/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32910 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32910/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32911 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32911/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32912 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32912/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32913 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32913/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32914 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32914/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46420 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46420/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46421 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46421/"
      }
    ],
    "title": "Security update for libsoup",
    "tracking": {
      "current_release_date": "2025-05-29T09:19:43Z",
      "generator": {
        "date": "2025-05-29T09:19:43Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20375-1",
      "initial_release_date": "2025-05-29T09:19:43Z",
      "revision_history": [
        {
          "date": "2025-05-29T09:19:43Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.2-6.1.aarch64",
                "product": {
                  "name": "libsoup-3_0-0-3.4.2-6.1.aarch64",
                  "product_id": "libsoup-3_0-0-3.4.2-6.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.2-6.1.s390x",
                "product": {
                  "name": "libsoup-3_0-0-3.4.2-6.1.s390x",
                  "product_id": "libsoup-3_0-0-3.4.2-6.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.2-6.1.x86_64",
                "product": {
                  "name": "libsoup-3_0-0-3.4.2-6.1.x86_64",
                  "product_id": "libsoup-3_0-0-3.4.2-6.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.0",
                "product": {
                  "name": "SUSE Linux Micro 6.0",
                  "product_id": "SUSE Linux Micro 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.2-6.1.aarch64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64"
        },
        "product_reference": "libsoup-3_0-0-3.4.2-6.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.2-6.1.s390x as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x"
        },
        "product_reference": "libsoup-3_0-0-3.4.2-6.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.2-6.1.x86_64 as component of SUSE Linux Micro 6.0",
          "product_id": "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        },
        "product_reference": "libsoup-3_0-0-3.4.2-6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-2784",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-2784"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-2784",
          "url": "https://www.suse.com/security/cve/CVE-2025-2784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240750 for CVE-2025-2784",
          "url": "https://bugzilla.suse.com/1240750"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-2784"
    },
    {
      "cve": "CVE-2025-32050",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32050"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32050",
          "url": "https://www.suse.com/security/cve/CVE-2025-32050"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240752 for CVE-2025-32050",
          "url": "https://bugzilla.suse.com/1240752"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32050"
    },
    {
      "cve": "CVE-2025-32051",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32051"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service (DoS).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32051",
          "url": "https://www.suse.com/security/cve/CVE-2025-32051"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240754 for CVE-2025-32051",
          "url": "https://bugzilla.suse.com/1240754"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32051"
    },
    {
      "cve": "CVE-2025-32052",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32052"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32052",
          "url": "https://www.suse.com/security/cve/CVE-2025-32052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240756 for CVE-2025-32052",
          "url": "https://bugzilla.suse.com/1240756"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32052"
    },
    {
      "cve": "CVE-2025-32053",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32053"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32053",
          "url": "https://www.suse.com/security/cve/CVE-2025-32053"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240757 for CVE-2025-32053",
          "url": "https://bugzilla.suse.com/1240757"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32053"
    },
    {
      "cve": "CVE-2025-32906",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32906"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32906",
          "url": "https://www.suse.com/security/cve/CVE-2025-32906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241263 for CVE-2025-32906",
          "url": "https://bugzilla.suse.com/1241263"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32906"
    },
    {
      "cve": "CVE-2025-32907",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32907"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a full denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32907",
          "url": "https://www.suse.com/security/cve/CVE-2025-32907"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241222 for CVE-2025-32907",
          "url": "https://bugzilla.suse.com/1241222"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32907"
    },
    {
      "cve": "CVE-2025-32908",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32908"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32908",
          "url": "https://www.suse.com/security/cve/CVE-2025-32908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241223 for CVE-2025-32908",
          "url": "https://bugzilla.suse.com/1241223"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32908"
    },
    {
      "cve": "CVE-2025-32909",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32909"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32909",
          "url": "https://www.suse.com/security/cve/CVE-2025-32909"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241226 for CVE-2025-32909",
          "url": "https://bugzilla.suse.com/1241226"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32909"
    },
    {
      "cve": "CVE-2025-32910",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32910"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32910",
          "url": "https://www.suse.com/security/cve/CVE-2025-32910"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241252 for CVE-2025-32910",
          "url": "https://bugzilla.suse.com/1241252"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32910"
    },
    {
      "cve": "CVE-2025-32911",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32911"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32911",
          "url": "https://www.suse.com/security/cve/CVE-2025-32911"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241238 for CVE-2025-32911",
          "url": "https://bugzilla.suse.com/1241238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32911"
    },
    {
      "cve": "CVE-2025-32912",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32912"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32912",
          "url": "https://www.suse.com/security/cve/CVE-2025-32912"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241214 for CVE-2025-32912",
          "url": "https://bugzilla.suse.com/1241214"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32912"
    },
    {
      "cve": "CVE-2025-32913",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32913"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32913",
          "url": "https://www.suse.com/security/cve/CVE-2025-32913"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241162 for CVE-2025-32913",
          "url": "https://bugzilla.suse.com/1241162"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32913"
    },
    {
      "cve": "CVE-2025-32914",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32914"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32914",
          "url": "https://www.suse.com/security/cve/CVE-2025-32914"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241164 for CVE-2025-32914",
          "url": "https://bugzilla.suse.com/1241164"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32914"
    },
    {
      "cve": "CVE-2025-46420",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46420"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46420",
          "url": "https://www.suse.com/security/cve/CVE-2025-46420"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241686 for CVE-2025-46420",
          "url": "https://bugzilla.suse.com/1241686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46420"
    },
    {
      "cve": "CVE-2025-46421",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46421"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
          "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46421",
          "url": "https://www.suse.com/security/cve/CVE-2025-46421"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241688 for CVE-2025-46421",
          "url": "https://bugzilla.suse.com/1241688"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.aarch64",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.s390x",
            "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-05-29T09:19:43Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46421"
    }
  ]
}

SUSE-SU-2025:20446-1

Vulnerability from csaf_suse - Published: 2025-06-25 08:16 - Updated: 2025-06-25 08:16

Summary

Security update for libsoup

Severity

Important

Notes

Title of the patch: Security update for libsoup

Description of the patch: This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed Heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750) - CVE-2025-32050:Fixed Integer overflow in append_param_quoted (bsc#1240752) - CVE-2025-32051:Fixed Segmentation fault when parsing malformed data URI (bsc#1240754) - CVE-2025-32052:Fixed Heap buffer overflow in sniff_unknown() (bsc#1240756) - CVE-2025-32053:Fixed Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) - CVE-2025-32913:Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162) - CVE-2025-32914:Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) - CVE-2025-32912:Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214) - CVE-2025-32907:Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) - CVE-2025-32908:Fixed HTTP request leading to server crash due to HTTP/2 server not fully validating the values of pseudo-headers (bsc#1241223) - CVE-2025-32909:Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226) - CVE-2025-32911:Fixed Double free on soup_message_headers_get_content_disposition() via "params" (bsc#1241238) - CVE-2025-32910:Fixed null pointer deference on client when server omits the 'realm' parameter in an Unauthorized response with Digest authentication (bsc#1241252) - CVE-2025-32906:Fixed Out of bounds reads in soup_headers_parse_request() (bsc#1241263) - CVE-2025-46420:Fixed Memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) - CVE-2025-46421:Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)

Patchnames: SUSE-SLE-Micro-6.1-158

CVE-2025-2784

7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32050

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32051

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32052

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32053

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32906

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32907

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32908

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32909

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32910

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32911

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32912

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-32913

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-32914

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2025-46420

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2025-46421

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

68 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2025…	self
https://bugzilla.suse.com/1240750	self
https://bugzilla.suse.com/1240752	self
https://bugzilla.suse.com/1240754	self
https://bugzilla.suse.com/1240756	self
https://bugzilla.suse.com/1240757	self
https://bugzilla.suse.com/1241162	self
https://bugzilla.suse.com/1241164	self
https://bugzilla.suse.com/1241214	self
https://bugzilla.suse.com/1241222	self
https://bugzilla.suse.com/1241223	self
https://bugzilla.suse.com/1241226	self
https://bugzilla.suse.com/1241238	self
https://bugzilla.suse.com/1241252	self
https://bugzilla.suse.com/1241263	self
https://bugzilla.suse.com/1241686	self
https://bugzilla.suse.com/1241688	self
https://www.suse.com/security/cve/CVE-2025-2784/	self
https://www.suse.com/security/cve/CVE-2025-32050/	self
https://www.suse.com/security/cve/CVE-2025-32051/	self
https://www.suse.com/security/cve/CVE-2025-32052/	self
https://www.suse.com/security/cve/CVE-2025-32053/	self
https://www.suse.com/security/cve/CVE-2025-32906/	self
https://www.suse.com/security/cve/CVE-2025-32907/	self
https://www.suse.com/security/cve/CVE-2025-32908/	self
https://www.suse.com/security/cve/CVE-2025-32909/	self
https://www.suse.com/security/cve/CVE-2025-32910/	self
https://www.suse.com/security/cve/CVE-2025-32911/	self
https://www.suse.com/security/cve/CVE-2025-32912/	self
https://www.suse.com/security/cve/CVE-2025-32913/	self
https://www.suse.com/security/cve/CVE-2025-32914/	self
https://www.suse.com/security/cve/CVE-2025-46420/	self
https://www.suse.com/security/cve/CVE-2025-46421/	self
https://www.suse.com/security/cve/CVE-2025-2784	external
https://bugzilla.suse.com/1240750	external
https://www.suse.com/security/cve/CVE-2025-32050	external
https://bugzilla.suse.com/1240752	external
https://www.suse.com/security/cve/CVE-2025-32051	external
https://bugzilla.suse.com/1240754	external
https://www.suse.com/security/cve/CVE-2025-32052	external
https://bugzilla.suse.com/1240756	external
https://www.suse.com/security/cve/CVE-2025-32053	external
https://bugzilla.suse.com/1240757	external
https://www.suse.com/security/cve/CVE-2025-32906	external
https://bugzilla.suse.com/1241263	external
https://www.suse.com/security/cve/CVE-2025-32907	external
https://bugzilla.suse.com/1241222	external
https://www.suse.com/security/cve/CVE-2025-32908	external
https://bugzilla.suse.com/1241223	external
https://www.suse.com/security/cve/CVE-2025-32909	external
https://bugzilla.suse.com/1241226	external
https://www.suse.com/security/cve/CVE-2025-32910	external
https://bugzilla.suse.com/1241252	external
https://www.suse.com/security/cve/CVE-2025-32911	external
https://bugzilla.suse.com/1241238	external
https://www.suse.com/security/cve/CVE-2025-32912	external
https://bugzilla.suse.com/1241214	external
https://www.suse.com/security/cve/CVE-2025-32913	external
https://bugzilla.suse.com/1241162	external
https://www.suse.com/security/cve/CVE-2025-32914	external
https://bugzilla.suse.com/1241164	external
https://www.suse.com/security/cve/CVE-2025-46420	external
https://bugzilla.suse.com/1241686	external
https://www.suse.com/security/cve/CVE-2025-46421	external
https://bugzilla.suse.com/1241688	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for libsoup",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for libsoup fixes the following issues:\n\n- CVE-2025-2784: Fixed Heap buffer over-read in `skip_insignificant_space` \n  when sniffing content (bsc#1240750)\n- CVE-2025-32050:Fixed Integer overflow in append_param_quoted (bsc#1240752)\n- CVE-2025-32051:Fixed Segmentation fault when parsing malformed data URI (bsc#1240754)\n- CVE-2025-32052:Fixed Heap buffer overflow in sniff_unknown() (bsc#1240756)\n- CVE-2025-32053:Fixed Heap buffer overflows in sniff_feed_or_html() and\n  skip_insignificant_space() (bsc#1240757)\n- CVE-2025-32913:Fixed NULL pointer dereference in \n  soup_message_headers_get_content_disposition (bsc#1241162)\n- CVE-2025-32914:Fixed out of bounds read  in `soup_multipart_new_from_message()` (bsc#1241164)\n- CVE-2025-32912:Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214)\n- CVE-2025-32907:Fixed excessive memory consumption in server when client requests\n  a large amount of overlapping ranges in a single HTTP request (bsc#1241222)\n- CVE-2025-32908:Fixed HTTP request leading to server crash due to HTTP/2 server not fully\n  validating the values of pseudo-headers (bsc#1241223)\n- CVE-2025-32909:Fixed NULL pointer dereference in the sniff_mp4 function in \n  soup-content-sniffer.c (bsc#1241226)\n- CVE-2025-32911:Fixed Double free on soup_message_headers_get_content_disposition() \n  via \"params\" (bsc#1241238)\n- CVE-2025-32910:Fixed null pointer deference on client when server omits the \u0027realm\u0027 \n  parameter in an Unauthorized response with Digest authentication (bsc#1241252)\n- CVE-2025-32906:Fixed Out of bounds reads in soup_headers_parse_request() (bsc#1241263)\n- CVE-2025-46420:Fixed Memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686)\n- CVE-2025-46421:Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) \n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.1-158",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20446-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20446-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520446-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20446-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040559.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240750",
        "url": "https://bugzilla.suse.com/1240750"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240752",
        "url": "https://bugzilla.suse.com/1240752"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240754",
        "url": "https://bugzilla.suse.com/1240754"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240756",
        "url": "https://bugzilla.suse.com/1240756"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240757",
        "url": "https://bugzilla.suse.com/1240757"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241162",
        "url": "https://bugzilla.suse.com/1241162"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241164",
        "url": "https://bugzilla.suse.com/1241164"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241214",
        "url": "https://bugzilla.suse.com/1241214"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241222",
        "url": "https://bugzilla.suse.com/1241222"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241223",
        "url": "https://bugzilla.suse.com/1241223"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241226",
        "url": "https://bugzilla.suse.com/1241226"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241238",
        "url": "https://bugzilla.suse.com/1241238"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241252",
        "url": "https://bugzilla.suse.com/1241252"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241263",
        "url": "https://bugzilla.suse.com/1241263"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241686",
        "url": "https://bugzilla.suse.com/1241686"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241688",
        "url": "https://bugzilla.suse.com/1241688"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-2784 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-2784/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32050 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32050/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32051 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32051/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32052 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32052/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32053 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32053/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32906 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32906/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32907 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32907/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32908 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32908/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32909 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32909/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32910 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32910/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32911 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32911/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32912 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32912/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32913 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32913/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32914 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32914/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46420 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46420/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46421 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46421/"
      }
    ],
    "title": "Security update for libsoup",
    "tracking": {
      "current_release_date": "2025-06-25T08:16:32Z",
      "generator": {
        "date": "2025-06-25T08:16:32Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20446-1",
      "initial_release_date": "2025-06-25T08:16:32Z",
      "revision_history": [
        {
          "date": "2025-06-25T08:16:32Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
                "product": {
                  "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
                  "product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
                "product": {
                  "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
                  "product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
                "product": {
                  "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
                  "product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64",
                "product": {
                  "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64",
                  "product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.1",
                "product": {
                  "name": "SUSE Linux Micro 6.1",
                  "product_id": "SUSE Linux Micro 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64"
        },
        "product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le"
        },
        "product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x"
        },
        "product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        },
        "product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-2784",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-2784"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-2784",
          "url": "https://www.suse.com/security/cve/CVE-2025-2784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240750 for CVE-2025-2784",
          "url": "https://bugzilla.suse.com/1240750"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-2784"
    },
    {
      "cve": "CVE-2025-32050",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32050"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32050",
          "url": "https://www.suse.com/security/cve/CVE-2025-32050"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240752 for CVE-2025-32050",
          "url": "https://bugzilla.suse.com/1240752"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32050"
    },
    {
      "cve": "CVE-2025-32051",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32051"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service (DoS).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32051",
          "url": "https://www.suse.com/security/cve/CVE-2025-32051"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240754 for CVE-2025-32051",
          "url": "https://bugzilla.suse.com/1240754"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32051"
    },
    {
      "cve": "CVE-2025-32052",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32052"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32052",
          "url": "https://www.suse.com/security/cve/CVE-2025-32052"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240756 for CVE-2025-32052",
          "url": "https://bugzilla.suse.com/1240756"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32052"
    },
    {
      "cve": "CVE-2025-32053",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32053"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32053",
          "url": "https://www.suse.com/security/cve/CVE-2025-32053"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240757 for CVE-2025-32053",
          "url": "https://bugzilla.suse.com/1240757"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32053"
    },
    {
      "cve": "CVE-2025-32906",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32906"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32906",
          "url": "https://www.suse.com/security/cve/CVE-2025-32906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241263 for CVE-2025-32906",
          "url": "https://bugzilla.suse.com/1241263"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32906"
    },
    {
      "cve": "CVE-2025-32907",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32907"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a full denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32907",
          "url": "https://www.suse.com/security/cve/CVE-2025-32907"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241222 for CVE-2025-32907",
          "url": "https://bugzilla.suse.com/1241222"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32907"
    },
    {
      "cve": "CVE-2025-32908",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32908"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32908",
          "url": "https://www.suse.com/security/cve/CVE-2025-32908"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241223 for CVE-2025-32908",
          "url": "https://bugzilla.suse.com/1241223"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32908"
    },
    {
      "cve": "CVE-2025-32909",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32909"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32909",
          "url": "https://www.suse.com/security/cve/CVE-2025-32909"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241226 for CVE-2025-32909",
          "url": "https://bugzilla.suse.com/1241226"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32909"
    },
    {
      "cve": "CVE-2025-32910",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32910"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32910",
          "url": "https://www.suse.com/security/cve/CVE-2025-32910"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241252 for CVE-2025-32910",
          "url": "https://bugzilla.suse.com/1241252"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32910"
    },
    {
      "cve": "CVE-2025-32911",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32911"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32911",
          "url": "https://www.suse.com/security/cve/CVE-2025-32911"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241238 for CVE-2025-32911",
          "url": "https://bugzilla.suse.com/1241238"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32911"
    },
    {
      "cve": "CVE-2025-32912",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32912"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32912",
          "url": "https://www.suse.com/security/cve/CVE-2025-32912"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241214 for CVE-2025-32912",
          "url": "https://bugzilla.suse.com/1241214"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-32912"
    },
    {
      "cve": "CVE-2025-32913",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32913"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32913",
          "url": "https://www.suse.com/security/cve/CVE-2025-32913"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241162 for CVE-2025-32913",
          "url": "https://bugzilla.suse.com/1241162"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32913"
    },
    {
      "cve": "CVE-2025-32914",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32914"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32914",
          "url": "https://www.suse.com/security/cve/CVE-2025-32914"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241164 for CVE-2025-32914",
          "url": "https://bugzilla.suse.com/1241164"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32914"
    },
    {
      "cve": "CVE-2025-46420",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46420"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46420",
          "url": "https://www.suse.com/security/cve/CVE-2025-46420"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241686 for CVE-2025-46420",
          "url": "https://bugzilla.suse.com/1241686"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46420"
    },
    {
      "cve": "CVE-2025-46421",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46421"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46421",
          "url": "https://www.suse.com/security/cve/CVE-2025-46421"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241688 for CVE-2025-46421",
          "url": "https://bugzilla.suse.com/1241688"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T08:16:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46421"
    }
  ]
}

WID-SEC-W-2025-0935

Vulnerability from csaf_certbund - Published: 2025-05-04 22:00 - Updated: 2026-03-02 23:00

Summary

Red Hat Enterprise Linux (libsoup): Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um Sicherheitsvorkehrungen zu umgehen, einen Denial-of-Service auszulösen, Dateien zu manipulieren oder Informationen offenzulegen.

Betroffene Betriebssysteme: - Linux - UNIX

CVE-2025-32050

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2025-32052

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2025-32053

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2025-32906

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2025-32907

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2025-32911

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2025-32913

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2025-46420

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2025-46421

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux libsoup Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:libsoup`	libsoup
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
IGEL OS IGEL	`cpe:/o:igel:os:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

References

57 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2025:4439	external
https://access.redhat.com/errata/RHSA-2025:4440	external
https://access.redhat.com/errata/RHSA-2025:4508	external
https://access.redhat.com/errata/RHSA-2025:4538	external
https://access.redhat.com/errata/RHSA-2025:4624	external
https://access.redhat.com/errata/RHSA-2025:4560	external
https://ubuntu.com/security/notices/USN-7490-2	external
https://access.redhat.com/errata/RHSA-2025:4568	external
https://linux.oracle.com/errata/ELSA-2025-4560.html	external
https://ubuntu.com/security/notices/USN-7490-1	external
https://access.redhat.com/errata/RHSA-2025:4609	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://ubuntu.com/security/notices/USN-7490-3	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://access.redhat.com/errata/RHSA-2025:7505	external
https://access.redhat.com/errata/RHSA-2025:7436	external
https://alas.aws.amazon.com/AL2/ALAS-2025-2849.html	external
https://linux.oracle.com/errata/ELSA-2025-7436.html	external
https://access.redhat.com/errata/RHSA-2025:8128	external
https://kb.igel.com/security-safety/current/isn-2…	external
https://alas.aws.amazon.com/ALAS-2025-1979.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://access.redhat.com/errata/RHSA-2025:8292	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://linux.oracle.com/errata/ELSA-2025-8292.html	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://ubuntu.com/security/notices/USN-7565-1	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://access.redhat.com/errata/RHSA-2025:9179	external
http://linux.oracle.com/errata/ELSA-2025-8128.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://linux.oracle.com/errata/ELSA-2025-7505.html	external
https://linux.oracle.com/errata/ELSA-2025-9179.html	external
https://www.ibm.com/support/pages/node/7239594	external
https://ubuntu.com/security/notices/USN-7643-1	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://linux.oracle.com/errata/ELSA-2025-18183.html	external
https://linux.oracle.com/errata/ELSA-2025-19720.html	external
https://access.redhat.com/errata/RHSA-2025:21657	external
https://security.business.xerox.com/wp-content/up…	external
http://linux.oracle.com/errata/ELSA-2025-21657.html	external
https://lists.opensuse.org/archives/list/security…	external
https://linux.oracle.com/errata/ELSA-2026-0925.html	external
https://linux.oracle.com/errata/ELSA-2026-2628.html	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um Sicherheitsvorkehrungen zu umgehen, einen Denial-of-Service auszul\u00f6sen, Dateien zu manipulieren oder Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0935 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0935.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0935 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0935"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2025-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:4439"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2025-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:4440"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4508 vom 2025-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:4508"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4538 vom 2025-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:4538"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4624 vom 2025-05-07",
        "url": "https://access.redhat.com/errata/RHSA-2025:4624"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4560 vom 2025-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:4560"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7490-2 vom 2025-05-06",
        "url": "https://ubuntu.com/security/notices/USN-7490-2"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4568 vom 2025-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:4568"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-4560 vom 2025-05-07",
        "url": "https://linux.oracle.com/errata/ELSA-2025-4560.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7490-1 vom 2025-05-06",
        "url": "https://ubuntu.com/security/notices/USN-7490-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4609 vom 2025-05-07",
        "url": "https://access.redhat.com/errata/RHSA-2025:4609"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:1503-1 vom 2025-05-07",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020786.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:1504-1 vom 2025-05-07",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020785.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:1509-1 vom 2025-05-07",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020806.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7490-3 vom 2025-05-07",
        "url": "https://ubuntu.com/security/notices/USN-7490-3"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:1510-1 vom 2025-05-07",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020805.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:1518-1 vom 2025-05-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020808.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:1519-1 vom 2025-05-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020816.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:7505 vom 2025-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2025:7505"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:7436 vom 2025-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2025:7436"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2025-2849 vom 2025-05-14",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2849.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-7436 vom 2025-05-22",
        "url": "https://linux.oracle.com/errata/ELSA-2025-7436.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:8128 vom 2025-05-26",
        "url": "https://access.redhat.com/errata/RHSA-2025:8128"
      },
      {
        "category": "external",
        "summary": "IGEL Security Notice ISN-2025-18 vom 2025-05-26",
        "url": "https://kb.igel.com/security-safety/current/isn-2025-18-critical-libsoup-vulnerability"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2025-1979 vom 2025-05-27",
        "url": "https://alas.aws.amazon.com/ALAS-2025-1979.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01503-1 vom 2025-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020946.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-3B89FEF0F9 vom 2025-05-30",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-3b89fef0f9"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:8292 vom 2025-05-29",
        "url": "https://access.redhat.com/errata/RHSA-2025:8292"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-C04E5B95F1 vom 2025-05-30",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-c04e5b95f1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01504-1 vom 2025-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020945.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-8292 vom 2025-06-03",
        "url": "https://linux.oracle.com/errata/ELSA-2025-8292.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15189-1 vom 2025-06-02",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LI34B57WJ4B5UMQTOCNXAAI3NVKDGJWF/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01794-1 vom 2025-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021003.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01802-1 vom 2025-06-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/43A2DE3UIQ7XG5ICMTC6PF3B2FCB4TXU/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01801-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021085.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:01864-1 vom 2025-06-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021448.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7565-1 vom 2025-06-12",
        "url": "https://ubuntu.com/security/notices/USN-7565-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20375-1 vom 2025-06-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021492.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:9179 vom 2025-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2025:9179"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-8128 vom 2025-06-28",
        "url": "http://linux.oracle.com/errata/ELSA-2025-8128.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20446-1 vom 2025-06-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021720.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-7505 vom 2025-07-01",
        "url": "https://linux.oracle.com/errata/ELSA-2025-7505.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-9179 vom 2025-07-03",
        "url": "https://linux.oracle.com/errata/ELSA-2025-9179.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7239594 vom 2025-07-14",
        "url": "https://www.ibm.com/support/pages/node/7239594"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7643-1 vom 2025-07-17",
        "url": "https://ubuntu.com/security/notices/USN-7643-1"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-99768B0FAB vom 2025-07-30",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-99768b0fab"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-1F41505AF2 vom 2025-07-30",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-1f41505af2"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-18183 vom 2025-10-16",
        "url": "https://linux.oracle.com/errata/ELSA-2025-18183.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-19720 vom 2025-11-05",
        "url": "https://linux.oracle.com/errata/ELSA-2025-19720.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:21657 vom 2025-11-18",
        "url": "https://access.redhat.com/errata/RHSA-2025:21657"
      },
      {
        "category": "external",
        "summary": "XEROX Security Advisory XRX25-018 vom 2025-11-18",
        "url": "https://security.business.xerox.com/wp-content/uploads/2025/11/Xerox-Security-Bulletin-XRX25-018-Xerox-FreeFlow-Print-Server-v7.pdf"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-21657 vom 2025-12-11",
        "url": "http://linux.oracle.com/errata/ELSA-2025-21657.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:4514-1 vom 2025-12-23",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/64UIRCQU7OV3TBPNSNBY3USSHYXNJNQL/"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-0925 vom 2026-02-11",
        "url": "https://linux.oracle.com/errata/ELSA-2026-0925.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-2628 vom 2026-03-03",
        "url": "https://linux.oracle.com/errata/ELSA-2026-2628.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux (libsoup): Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-03-02T23:00:00.000+00:00",
      "generator": {
        "date": "2026-03-03T09:38:17.644+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-0935",
      "initial_release_date": "2025-05-04T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-05-04T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-05-05T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-05-06T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat, Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2025-05-07T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
        },
        {
          "date": "2025-05-08T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-05-13T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat und Amazon aufgenommen"
        },
        {
          "date": "2025-05-21T22:00:00.000+00:00",
          "number": "7",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-9569"
        },
        {
          "date": "2025-05-22T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-05-25T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-05-26T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von IGEL aufgenommen"
        },
        {
          "date": "2025-05-27T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-05-29T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE, Fedora und Red Hat aufgenommen"
        },
        {
          "date": "2025-06-02T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Oracle Linux, openSUSE und SUSE aufgenommen"
        },
        {
          "date": "2025-06-03T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-10T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-11T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-06-12T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-17T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-06-29T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-06-30T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
        },
        {
          "date": "2025-07-02T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-07-13T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-07-17T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-07-29T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2025-07-31T22:00:00.000+00:00",
          "number": "25",
          "summary": "Referenz(en) aufgenommen:"
        },
        {
          "date": "2025-10-16T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-11-04T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-11-17T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat und XEROX aufgenommen"
        },
        {
          "date": "2025-12-10T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-12-23T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-02-11T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2026-03-02T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        }
      ],
      "status": "final",
      "version": "32"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "V10",
                "product": {
                  "name": "IBM Power Hardware Management Console V10",
                  "product_id": "T023373",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:hardware_management_console:v10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Power Hardware Management Console"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IGEL OS",
            "product": {
              "name": "IGEL OS",
              "product_id": "T017865",
              "product_identification_helper": {
                "cpe": "cpe:/o:igel:os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IGEL"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libsoup",
                "product": {
                  "name": "Red Hat Enterprise Linux libsoup",
                  "product_id": "T043346",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:libsoup"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "v7",
                "product": {
                  "name": "Xerox FreeFlow Print Server v7",
                  "product_id": "T035098",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:xerox:freeflow_print_server:v7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FreeFlow Print Server"
          }
        ],
        "category": "vendor",
        "name": "Xerox"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-32050",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-32050"
    },
    {
      "cve": "CVE-2025-32052",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-32052"
    },
    {
      "cve": "CVE-2025-32053",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-32053"
    },
    {
      "cve": "CVE-2025-32906",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-32906"
    },
    {
      "cve": "CVE-2025-32907",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-32907"
    },
    {
      "cve": "CVE-2025-32911",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-32911"
    },
    {
      "cve": "CVE-2025-32913",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-32913"
    },
    {
      "cve": "CVE-2025-46420",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-46420"
    },
    {
      "cve": "CVE-2025-46421",
      "product_status": {
        "known_affected": [
          "T043346",
          "T002207",
          "67646",
          "T017865",
          "T000126",
          "T027843",
          "398363",
          "T035098",
          "T004914",
          "74185",
          "T023373"
        ]
      },
      "release_date": "2025-05-04T22:00:00.000+00:00",
      "title": "CVE-2025-46421"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-32053 (GCVE-0-2025-32053)

SUSE-SU-2025:1519-1

SUSE-SU-2025:20375-1

SUSE-SU-2025:20446-1

WID-SEC-W-2025-0935

Tags

Sightings

Nomenclature