8 matches found
ROOT-OS-DEBIAN-13-CVE-2025-4035 CVE-2025-4035 in rootio-libsoup3 - Patched by Root
Root has patched CVE-2025-4035 in the rootio-libsoup3 package for Root:Debian:13. Multiple fixed versions available...
Oracle Linux 10 : libsoup3 (ELSA-2025-7505)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7505 advisory. - Fix CVE-2025-4035, CVE-2025-4948, CVE-2025-32049, CVE-2025-32907 Tenable has extracted the preceding description block directly from the Oracle Linu...
Oracle Linux 10 : libsoup3 (ELSA-2025-8128)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8128 advisory. - Fix CVE-2025-4035, CVE-2025-4948, CVE-2025-32049, CVE-2025-32907 Tenable has extracted the preceding description block directly from the Oracle Linu...
ALSA-2025:8128 Important: libsoup3 security update
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...
CVE-2025-4035
A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set...
CVE-2025-4035
A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set...
CVE-2025-4035
creationtimestamp| type| source ---|---|--- 2025-04-29 13:12:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13805 2025-04-29 16:49:58+00:00| seen| https://t.me/cvedetector/24012...
CVE-2025-4035
Libsoup3 is affected by CVE-2025-4035: a cookie-domain validation bypass occurs when handling cookies where the domain contains at least two components and includes an uppercase character, allowing cookies to be set for public suffix domains a site does not own. The vulnerability is described acr...