CVSS: 4.8EPSS: 0%CPEs: 15EXPL: 0CVE-2025-5265
https://notcve.org/view.php?id=CVE-2025-5265
27 May 2025 — Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 139, Firefox ESR < 115.24, and Firefox ESR < 128.11. Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into usi... • https://bugzilla.mozilla.org/show_bug.cgi?id=1962301 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.4EPSS: 0%CPEs: 25EXPL: 0CVE-2025-5263 – firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content
https://notcve.org/view.php?id=CVE-2025-5263
27 May 2025 — Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, and Firefox ESR < 128.11. Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. A flaw was found in Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1960745 • CWE-346: Origin Validation Error CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2025-4948 – Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup
https://notcve.org/view.php?id=CVE-2025-4948
19 May 2025 — A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. This can cause the program to access invalid memory and crash. As a result, any application or server using libsoup could be forced to exit unexpected... • https://access.redhat.com/security/cve/CVE-2025-4948 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2025-32914 – Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process
https://notcve.org/view.php?id=CVE-2025-32914
14 Apr 2025 — A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorrectly parsed video files. • https://access.redhat.com/errata/RHSA-2025:7505 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2025-32912 – Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication
https://notcve.org/view.php?id=CVE-2025-32912
14 Apr 2025 — A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorrectly parsed video files. • https://access.redhat.com/errata/RHSA-2025:7505 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2025-32910 – Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication
https://notcve.org/view.php?id=CVE-2025-32910
14 Apr 2025 — A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash. • https://access.redhat.com/errata/RHSA-2025:8292 • CWE-476: NULL Pointer Dereference •
CVSS: 9.0EPSS: 0%CPEs: 19EXPL: 0CVE-2025-32909 – Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c
https://notcve.org/view.php?id=CVE-2025-32909
14 Apr 2025 — A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. • https://access.redhat.com/errata/RHSA-2025:8292 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2025-32907 – Libsoup: denial of service in server when client requests a large amount of overlapping ranges with range header
https://notcve.org/view.php?id=CVE-2025-32907
14 Apr 2025 — A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. • https://access.redhat.com/security/cve/CVE-2025-32907 • CWE-1050: Excessive Platform Resource Consumption within a Loop •
CVSS: 8.5EPSS: 0%CPEs: 30EXPL: 0CVE-2025-32906 – Libsoup: out of bounds reads in soup_headers_parse_request()
https://notcve.org/view.php?id=CVE-2025-32906
14 Apr 2025 — A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorrectly parsed video fi... • https://access.redhat.com/security/cve/CVE-2025-32906 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2025-32913 – Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header
https://notcve.org/view.php?id=CVE-2025-32913
14 Apr 2025 — A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. Alon Zahavi discovered that libsoup incorre... • https://access.redhat.com/security/cve/CVE-2025-32913 • CWE-476: NULL Pointer Dereference •