cve 2025 12105

CVE-2025-12105 is a vulnerability in the GNOME HTTP library libsoup that allows a remote attacker to trigger a heap use-after-free during specific HTTP/2 read/cancel sequences, resulting in a denial-of-service condition. This affects any application or service using a vulnerable libsoup build, including those relying on WebKit and GNOME HTTP plumbing. The tag covers discussions about the vulnerability's background, impact, and potential mitigations for systems using libsoup.