Nixpkgs security tracker
Dismissed
Permalink
CVE-2025-7370
7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): High (H)
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse ignored package tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4"
- @LeSuisse dismissed
Libsoup: libsoup null pointer dereference
A flaw was found in libsoup. A NULL pointer dereference vulnerability occurs in libsoup's cookie parsing functionality. When processing a cookie without a domain parameter, the soup_cookie_jar_add_cookie() function will crash, resulting in a denial of service.
References
Affected products
libsoup
libsoup3
Matching in nixpkgs
pkgs.libsoup_2_4
HTTP client/server library for GNOME
-
nixos-unstable -
- nixpkgs-unstable 2.74.3
Ignored packages (1)
pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libsoup-gnome-2.4%22
Test whether libsoup-2.74.3 exposes pkg-config modules libsoup-gnome-2.4
Package maintainers
-
@jtojnar Jan Tojnar <jtojnar@gmail.com>
-
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
-
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
-
@lovek323 Jason O'Conal <jason@oconal.id.au>
-
@bobby285271 Bobby Rong <rjl931189261@126.com>
-
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>