{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T13:47:39.375","vulnerabilities":[{"cve":{"id":"CVE-2025-4945","sourceIdentifier":"secalert@redhat.com","published":"2025-05-19T17:15:29.103","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines."},{"lang":"es","value":"Se encontró una falla en la lógica de análisis de cookies de la librería HTTP libsoup, utilizada en aplicaciones de GNOME y otro software. La vulnerabilidad surge al procesar la fecha de caducidad de las cookies, donde un valor especialmente manipulado puede provocar un desbordamiento de enteros. Esto puede provocar un comportamiento indefinido, permitiendo a un atacante eludir la lógica de caducidad de las cookies y provocando un comportamiento persistente o no deseado. El problema se debe a la validación incorrecta de entradas de enteros grandes durante las operaciones aritméticas de fechas dentro de las rutinas de análisis de cookies."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:19713","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19714","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19720","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:20959","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21032","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21655","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21656","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21657","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21664","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21665","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21666","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21772","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22013","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-4945","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367175","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/448","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/448","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}]}