Logo
vulnerabilityCVE-2025-46420
Name
CVE-2025-46420
Source
NVD ( link)Debian ( link)
Description
A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.
CWEs
CWE-401
Published Date
Updated Date
Workaround
-
Advisories

Analysis#

Affected Component
Analysis
libsoup
Patched
libsoup
Patched
libsoup-2.4
Patched

Vulnerability Ratings#

6.5
CVSSv31
NaN
other

Others affected components#

Name
Project
Project Version
Version
Status
libsoup
buildroot
2025.02.x
2.74.3
Patched
libsoup
buildroot
master
2.74.3
Patched
libsoup3
openwrt
master
3.7.1-r2
Not Affected
libsoup3
openwrt
openwrt-25.12
3.6.5-r1
Not Affected
libsoup
yocto
master
3.6.6
Not Affected
libsoup
yocto
scarthgap
3.4.4
Patched
libsoup-2.4
yocto
scarthgap
2.74.3
Patched

Resolved with patches#

libsoup (buildroot:2025.02.x)

#
Title
Author
Resolve
1
soup_header_parse_quality_list: Fix leak
Patrick Griffis <pgriffis@igalia.com>
CVE-2025-46420

libsoup (buildroot:master)

#
Title
Author
Resolve
1
soup_header_parse_quality_list: Fix leak
Patrick Griffis <pgriffis@igalia.com>
CVE-2025-46420

libsoup (yocto:kirkstone)

#
Title
Author
Resolve
1
soup_header_parse_quality_list: Fix leak
Patrick Griffis <pgriffis@igalia.com>
CVE-2025-46420

libsoup-2.4 (yocto:kirkstone)

#
Title
Author
Resolve
1
soup_header_parse_quality_list: Fix leak
Patrick Griffis <pgriffis@igalia.com>
CVE-2025-46420

libsoup-2.4 (yocto:scarthgap)

#
Title
Author
Resolve
1
soup_header_parse_quality_list: Fix leak
Patrick Griffis <pgriffis@igalia.com>
CVE-2025-46420