CVE-2025-2784 Information

Description

A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.

Reference

https://access.redhat.com/security/cve/CVE-2025-2784 https://bugzilla.redhat.com/show_bug.cgi?id=2354669 https://gitlab.gnome.org/GNOME/libsoup/-/issues/422 https://gitlab.gnome.org/GNOME/libsoup/-/issues/422