CVE-2025-7370

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-7370
Rejected reason: Upon investigtion upstream maintainers discovered this was not a real issue. See the references for more details. See: https://gitlab.gnome.org/GNOME/libsoup/-/issues/430#note_2494090.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

15 Jul 2025, 21:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5 		v2 : unknown
v3 : unknown
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2025-7370', 'source': 'secalert@redhat.com'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=2378888', 'source': 'secalert@redhat.com'}
CWE CWE-476
Summary
  • (es) Se encontró una falla en libsoup. Se produce una vulnerabilidad de desreferencia de puntero nulo en la función de análisis de cookies de libsoup. Al procesar una cookie sin un parámetro de dominio, la función soup_cookie_jar_add_cookie() se bloquea, lo que provoca una denegación de servicio.
Summary (en) A flaw was found in libsoup. A NULL pointer dereference vulnerability occurs in libsoup's cookie parsing functionality. When processing a cookie without a domain parameter, the soup_cookie_jar_add_cookie() function will crash, resulting in a denial of service. (en) Rejected reason: Upon investigtion upstream maintainers discovered this was not a real issue. See the references for more details. See: https://gitlab.gnome.org/GNOME/libsoup/-/issues/430#note_2494090.

15 Jul 2025, 13:24

Type Values Removed Values Added
Summary
  • (es) Se encontró una falla en libsoup. Se produce una vulnerabilidad de desreferencia de puntero nulo en la función de análisis de cookies de libsoup. Al procesar una cookie sin un parámetro de dominio, la función soup_cookie_jar_add_cookie() se bloquea, lo que provoca una denegación de servicio.

10 Jul 2025, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-10 15:15

Updated : 2025-07-15 21:15

NVD link : CVE-2025-7370

Mitre link : CVE-2025-7370

CVE.ORG link : CVE-2025-7370

JSON object : View

Products Affected

No product.

CWE

No CWE.