CVE-2025-2784

About this tag
CVE-2025-2784 is a heap buffer over-read vulnerability in the libsoup content sniffer, specifically in the function that skips insignificant whitespace while determining content type. This one-byte out-of-bounds read can be triggered by a crafted HTTP response from a server. The vulnerability affects Linux distributions and GNOME-based stacks, prompting a widespread emergency patching wave. Users should apply patches from their distribution or update libsoup to the fixed version to mitigate the risk.
  1. CVE-2025-2784 Libsoup Content Sniffer One-Byte OOB Read Patch Guide

    A subtle one‑byte out‑of‑bounds read in a content‑sniffing routine has forced a widespread emergency patching wave across Linux distributions and GNOME‑based stacks: CVE‑2025‑2784 is a heap buffer over‑read in libsoup’s content sniffer — specifically in the function that skips “insignificant”...