关键漏洞信息 CVE编号: CVE-2025-4945 漏洞类型: Integer Overflow in Cookie Expiration Date Handling in libsoup 报告日期: 2025-05-19 04:52 UTC 修改日期: 2025-05-19 15:53 UTC 优先级: low 严重性: low 受影响产品: Security Response 组件: vulnerability 操作系统: Linux 硬件: All 漏洞描述 Integer Overflow or Wraparound vulnerability in the cookie parsing logic of the libsoup HTTP client/server library. This issue potentially allows improper handling of cookie expiration dates due to an integer overflow when processing excessively large values. The vulnerability arises from insufficient validation in the conversion logic of cookie expiration timestamps, which can result in undefined behavior. This may enable an attacker to craft malicious cookies that never expire or behave unpredictably, impacting session management and security policies in applications relying on libsoup.