CNNVD-202509-4180 Information

CNNVD ID

CNNVD-202509-4180

Related CVE

CVE-2025-11021

• CNNVD Published: 2025-09-26

Description (Chinese)

libsoup是GNOME项目的一款GNOME的HTTP客户端/服务器库。 libsoup存在缓冲区错误漏洞，该漏洞源于处理特制过期日期的cookie时存在内存越界读取，可能导致内存内容意外泄露。

Description (English)

Libsoup is the HTTP client/server library of the GNOME project. Libsoup had an error loophole in the buffer zone, which stemmed from the presence of memory cross-border access when processing cookies with special expired dates, which could lead to accidental leakage of memory content.

Hazard Level

Medium

Vulnerability Type

缓冲区错误

Affected Vendor

GNOME

Published

2025-09-26

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-11021 https://bugzilla.redhat.com/show_bug.cgi?id=2399627 https://vigilance.fr/vulnerability/libsoup-out-of-bounds-memory-reading-via-Cookie-Date-48511