{
  "threat_severity" : "Moderate",
  "public_date" : "2025-05-20T00:00:00Z",
  "bugzilla" : {
    "description" : "libsoup: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c",
    "id" : "2367552",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2367552"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
    "status" : "draft"
  },
  "cwe" : "CWE-125",
  "details" : [ "A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).", "A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read)." ],
  "statement" : "Red Hat Product Security has rated this vulnerability as with Moderate severity. Although this flaw may be exploited by an unauthenticated attacker and through the network, the attacker has little to no control over the information leaked. Additionally, the amount of bytes improperly read is low (only one byte is improperly read per attack), which makes this flaw very difficult to exploit to exfiltrate meaningful sensitive data.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Fix deferred",
    "package_name" : "libsoup3",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "libsoup",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "libsoup",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "libsoup",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "libsoup",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-4969\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-4969" ],
  "name" : "CVE-2025-4969",
  "csaw" : false
}