openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:1503-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.18.2.2025.1503.1

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2025:1503-1)

Resumen: The remote host is missing an update for the 'libsoup2' package(s) announced via the SUSE-SU-2025:1503-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libsoup2' package(s) announced via the SUSE-SU-2025:1503-1 advisory.

Vulnerability Insight:
This update for libsoup2 fixes the following issues:

- CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750)
- CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752)
- CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756)
- CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757)
- CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222)
- CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164)
- CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686)
- CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)

Affected Software/OS:
'libsoup2' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2025-2784
Common Vulnerability Exposure (CVE) ID: CVE-2025-32050
Common Vulnerability Exposure (CVE) ID: CVE-2025-32052
Common Vulnerability Exposure (CVE) ID: CVE-2025-32053
Common Vulnerability Exposure (CVE) ID: CVE-2025-32907
Common Vulnerability Exposure (CVE) ID: CVE-2025-32914
Common Vulnerability Exposure (CVE) ID: CVE-2025-46420
Common Vulnerability Exposure (CVE) ID: CVE-2025-46421

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2025.1503.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2025:1503-1)
Resumen:	The remote host is missing an update for the 'libsoup2' package(s) announced via the SUSE-SU-2025:1503-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libsoup2' package(s) announced via the SUSE-SU-2025:1503-1 advisory. Vulnerability Insight: This update for libsoup2 fixes the following issues: - CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing conten (bsc#1240750) - CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752) - CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756) - CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) - CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) - CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) - CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) - CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) Affected Software/OS: 'libsoup2' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-2784 Common Vulnerability Exposure (CVE) ID: CVE-2025-32050 Common Vulnerability Exposure (CVE) ID: CVE-2025-32052 Common Vulnerability Exposure (CVE) ID: CVE-2025-32053 Common Vulnerability Exposure (CVE) ID: CVE-2025-32907 Common Vulnerability Exposure (CVE) ID: CVE-2025-32914 Common Vulnerability Exposure (CVE) ID: CVE-2025-46420 Common Vulnerability Exposure (CVE) ID: CVE-2025-46421
Copyright	Copyright (C) 2025 Greenbone AG