EUVD-2019-7681

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

libsoup versions 2.65.1 to 2.68.1 have a heap-based buffer over-read vulnerability due to improper length check

Reporter	Title	Published	Views	Family All 24
AlpineLinux	CVE-2019-17266	6 Oct 201921:48	–	alpinelinux
CVE	CVE-2019-17266	6 Oct 201921:48	–	cve
Cvelist	CVE-2019-17266	6 Oct 201921:48	–	cvelist
Debian CVE	CVE-2019-17266	6 Oct 201921:48	–	debiancve
Mageia	Updated libsoup packages fix security vulnerability	2 Nov 201916:54	–	mageia
NVD	CVE-2019-17266	6 Oct 201922:15	–	nvd
OpenVAS	Ubuntu: Security Advisory (USN-4152-1)	10 Oct 201900:00	–	openvas
OpenVAS	Mageia: Security Advisory (MGASA-2019-0312)	28 Jan 202200:00	–	openvas
OSV	CVE-2019-17266	6 Oct 201922:15	–	osv
OSV	DEBIAN-CVE-2019-17266	6 Oct 201922:15	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "d087f734-4633-3bee-8ef5-d013f9ca3346",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "e163ea75-bc4e-3094-ae2e-e15505cabcfa",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
suse	www.suse.com/security/cve/CVE-2019-17266.html
ubuntu	www.ubuntu.com/security/CVE-2019-17266
advisories	www.advisories.mageia.org/CVE-2019-17266.html
gitlab	www.gitlab.gnome.org/GNOME/libsoup/issues/173
security-tracker	www.security-tracker.debian.org/tracker/CVE-2019-17266
gitlab	www.gitlab.gnome.org/GNOME/libsoup/commit/88b7dff4467f4151afae244ea7d1223753cd05ab
github	www.github.com/Kirin-say/Vulnerabilities/blob/master/CVE-2019-17266_POC.md
bugs	www.bugs.debian.org/cgi-bin/bugreport.cgi
mail-archive	www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1705054.html
gitlab	www.gitlab.gnome.org/GNOME/libsoup/commit/f8a54ac85eec2008c85393f331cdd251af8266ad

07 Oct 2025 00:30Current

8.5High risk

Vulners AI Score8.5

CVSS 3.19.8

CVSS 27.5

EPSS0.00937

libsoup vulnerability heap over-read ntlm message length check memcpy