Lucene search
K

8 matches found

OSV
OSV
added 2026/06/22 8:18 a.m.5 views

ROOT-OS-DEBIAN-13-CVE-2025-4035 CVE-2025-4035 in rootio-libsoup3 - Patched by Root

Root has patched CVE-2025-4035 in the rootio-libsoup3 package for Root:Debian:13. Multiple fixed versions available...

4.3CVSS5.8AI score0.00348EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/01 12:0 a.m.5 views

Oracle Linux 10 : libsoup3 (ELSA-2025-7505)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7505 advisory. - Fix CVE-2025-4035, CVE-2025-4948, CVE-2025-32049, CVE-2025-32907 Tenable has extracted the preceding description block directly from the Oracle Linu...

7.5CVSS6.5AI score0.00832EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.5 views

Oracle Linux 10 : libsoup3 (ELSA-2025-8128)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8128 advisory. - Fix CVE-2025-4035, CVE-2025-4948, CVE-2025-32049, CVE-2025-32907 Tenable has extracted the preceding description block directly from the Oracle Linu...

7.5CVSS6.4AI score0.00821EPSS
Exploits0References5
OSV
OSV
added 2025/05/26 12:0 a.m.14 views

ALSA-2025:8128 Important: libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

7.5CVSS9.5AI score0.00821EPSS
Exploits0References10
OSV
OSV
added 2025/04/29 1:15 p.m.8 views

CVE-2025-4035

A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set...

4.3CVSS6.6AI score0.00348EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/04/29 1:15 p.m.7 views

CVE-2025-4035

A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set...

4.3CVSS5.8AI score0.00348EPSS
Exploits0References2
Circl
Circl
added 2025/04/29 1:12 p.m.7 views

CVE-2025-4035

creationtimestamp| type| source ---|---|--- 2025-04-29 13:12:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13805 2025-04-29 16:49:58+00:00| seen| https://t.me/cvedetector/24012...

4.3CVSS4.6AI score0.00348EPSS
Exploits0References2
CVE
CVE
added 2025/04/29 12:56 p.m.114 views

CVE-2025-4035

Libsoup3 is affected by CVE-2025-4035: a cookie-domain validation bypass occurs when handling cookies where the domain contains at least two components and includes an uppercase character, allowing cookies to be set for public suffix domains a site does not own. The vulnerability is described acr...

4.3CVSS4.5AI score0.00348EPSS
Exploits0References5
Rows per page
Query Builder