CVE-2025-4945 – GNOME Libsoup Cookie Integer Overflow Vulnerability

May 19, 2025

CVE ID : CVE-2025-4945

Published : May 19, 2025, 5:15 p.m. | 1 hour, 33 minutes ago

Description : A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-26735 – Candid Grip PHP Remote File Inclusion Vulnerability

Next Article CVE-2025-4941 – PHPGurukul Credit Card Application Management System SQL Injection

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Qualcomm’s new Adreno Control Panel will let you fine-tune the GPU for certain games on Snapdragon X Elite devices

Samsung takes on LG’s best gaming TVs — adds NVIDIA G-SYNC support to 2025 flagship

The biggest unanswered questions about Xbox’s next-gen consoles

HCL Commerce V9.1 – The Power of HCL Commerce Search

HCL Commerce V9.1 – The Power of HCL Commerce Search

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Qualcomm’s new Adreno Control Panel will let you fine-tune the GPU for certain games on Snapdragon X Elite devices

Samsung takes on LG’s best gaming TVs — adds NVIDIA G-SYNC support to 2025 flagship

CVE-2025-4945 – GNOME Libsoup Cookie Integer Overflow Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Microsoft pauses $1 billion data center project — have tech giants overestimated demand for AI?

Why SaaS Security is Suddenly Hot: Racing to Defend and Comply

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

New Case Study: Global Retailer Overshares CSRF Tokens with Facebook

Can phones replace laptops? This underrated Samsung feature settled that debate for me

This AI Research Developed a Question-Answering System based on Retrieval-Augmented Generation (RAG) Using Chinese Wikipedia and Lawbank as Retrieval Sources

This ionizing air purifier kept my home free of smoke and odors (and it’s not a Levoit)

How to Upskilling in React Native quickly

CVE-2025-4945 – GNOME Libsoup Cookie Integer Overflow Vulnerability

Related Posts