{"id":"CVE-2025-32907","details":"A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a full denial of service.","modified":"2026-04-16T04:38:03.759337160Z","published":"2025-04-14T14:15:24Z","related":["ALSA-2025:7436","ALSA-2025:8128","ALSA-2025:8292","SUSE-SU-2025:01503-1","SUSE-SU-2025:01504-1","SUSE-SU-2025:1503-1","SUSE-SU-2025:1504-1","SUSE-SU-2025:1509-1","SUSE-SU-2025:1510-1","SUSE-SU-2025:1518-1","SUSE-SU-2025:1519-1","SUSE-SU-2025:20375-1","SUSE-SU-2025:20446-1","openSUSE-SU-2025:15043-1","openSUSE-SU-2025:15044-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:4439"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:4440"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:4508"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:7436"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:8128"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:8292"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359342"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2025-32907"}],"schema_version":"1.7.5"}