{"id":"CVE-2025-4969","details":"A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).","modified":"2026-03-23T05:30:50.927056Z","published":"2025-05-21T06:16:28Z","related":["SUSE-SU-2025:01794-1","SUSE-SU-2025:01801-1","SUSE-SU-2025:01802-1","SUSE-SU-2025:01812-1","SUSE-SU-2025:01817-1","SUSE-SU-2025:01864-1","SUSE-SU-2025:20453-1","SUSE-SU-2025:20598-1","openSUSE-SU-2025:15185-1","openSUSE-SU-2025:15189-1"],"references":[{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367552"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2025-4969"}],"schema_version":"1.7.5"}