CVE-2025-8197

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-8197
Rejected reason: Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

14 Aug 2025, 03:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.5 		v2 : unknown
v3 : unknown
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2025-8197', 'tags': ['Third Party Advisory'], 'source': 'secalert@redhat.com'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=2383525', 'tags': ['Third Party Advisory'], 'source': 'secalert@redhat.com'}
CWE CWE-787
CPE cpe:2.3:a:gnome:libsoup:-:*:*:*:*:*:*:*
Summary
  • (es) Se detectó una vulnerabilidad de desbordamiento de búfer global en la función soup_header_name_to_string de Libsoup. Esta función no valida el parámetro `name` introducido y accede directamente a `soup_header_name_strings[name]`. El valor de `name` es controlable; cuando `name` excede el rango de índice de `soup_header_name_string`, se produce un acceso fuera de los límites.
Summary (en) A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and directly accesses `soup_header_name_strings[name]`. The value of `name` is controllable, when `name` exceeds the index range of `soup_headr_name_string`, it will cause an out-of-bounds access. (en) Rejected reason: Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465

14 Aug 2025, 00:23

Type Values Removed Values Added
References () https://access.redhat.com/security/cve/CVE-2025-8197 - () https://access.redhat.com/security/cve/CVE-2025-8197 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2383525 - () https://bugzilla.redhat.com/show_bug.cgi?id=2383525 - Third Party Advisory
First Time Gnome libsoup
Gnome
CPE cpe:2.3:a:gnome:libsoup:-:*:*:*:*:*:*:*

29 Jul 2025, 14:14

Type Values Removed Values Added
Summary
  • (es) Se detectó una vulnerabilidad de desbordamiento de búfer global en la función soup_header_name_to_string de Libsoup. Esta función no valida el parámetro `name` introducido y accede directamente a `soup_header_name_strings[name]`. El valor de `name` es controlable; cuando `name` excede el rango de índice de `soup_header_name_string`, se produce un acceso fuera de los límites.

25 Jul 2025, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-07-25 20:15

Updated : 2025-08-14 03:15

NVD link : CVE-2025-8197

Mitre link : CVE-2025-8197

CVE.ORG link : CVE-2025-8197

JSON object : View

Products Affected

No product.

CWE

No CWE.