You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 2784
About this tag
CVE-2025-2784 is a heap buffer over-read vulnerability in the libsoup content sniffer, specifically in the function that skips insignificant whitespace while determining content type. This one-byte out-of-bounds read can be triggered by a crafted HTTP response from a server. The vulnerability affects Linux distributions and GNOME-based stacks, prompting a widespread emergency patching wave. Users should apply patches from their distribution or update libsoup to the fixed version to mitigate the risk.
A subtle one‑byte out‑of‑bounds read in a content‑sniffing routine has forced a widespread emergency patching wave across Linux distributions and GNOME‑based stacks: CVE‑2025‑2784 is a heap buffer over‑read in libsoup’s content sniffer — specifically in the function that skips “insignificant”...