Critical Vulnerability Information CVE ID: CVE-2025-4945 Vulnerability Type: Integer Overflow in Cookie Expiration Date Handling in libsoup Report Date: 2025-05-19 04:52 UTC Modified Date: 2025-05-19 15:53 UTC Priority: low Severity: low Affected Product: Security Response Component: vulnerability Operating System: Linux Hardware: All Vulnerability Description Integer Overflow or Wraparound vulnerability in the cookie parsing logic of the libsoup HTTP client/server library. This issue potentially allows improper handling of cookie expiration dates due to an integer overflow when processing excessively large values. The vulnerability arises from insufficient validation in the conversion logic of cookie expiration timestamps, which can result in undefined behavior. This may enable an attacker to craft malicious cookies that never expire or behave unpredictably, impacting session management and security policies in applications relying on libsoup.