{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T22:27:37.598","vulnerabilities":[{"cve":{"id":"CVE-2025-4969","sourceIdentifier":"secalert@redhat.com","published":"2025-05-21T06:16:28.937","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read)."},{"lang":"es","value":"Se encontró una vulnerabilidad en el paquete libsoup. Esta falla se debe a que no verifica correctamente la terminación de los mensajes HTTP multiparte. Esto puede permitir que un atacante remoto envíe un cuerpo HTTP multiparte especialmente manipulado, lo que provoca que el servidor que consume libsoup lea más allá de los límites de memoria asignados (lectura fuera de los límites)."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2025-4969","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367552","source":"secalert@redhat.com"}]}}]}