1629 matches found
CBL Mariner 2.0 Security Update: libsoup (CVE-2025-32914)
The version of libsoup installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32914 advisory. - A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-...
RHEL 8 : libsoup (RHSA-2025:4560)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4560 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Integer overflow in appendparamquoted...
libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
Security Bulletin: Security vulnerabilities addressed with IBM Business Automation Workflow container updates in April 2025
Summary Multiple security vulnerabilities are addressed with IBM Business Automation Workflow containers updates in April 2025. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the...
The vulnerability of the PSL validation mechanism in the Apache HttpClient client module of Apache HttpComponents allows a attacker to perform a CSRF attack.
The vulnerability of the PSL validation mechanism in the Apache HttpClient client module of Apache HttpComponents is related to errors in the certificate authentication process. Exploiting this vulnerability can allow a malicious actor to execute a CSRF attack remotely...
ai.intelliswarm:swarmai-core (>=1.0.24 <=1.0.28), ai.intelliswarm:swarmai-distributed (>=1.0.24 <=1.0.28) +2731 more potentially affected by CVE-2025-27820 via org.apache.httpcomponents.client5:httpclient5 (>=5.4-alpha1 <=5.4.2)
org.apache.httpcomponents.client5:httpclient5 MAVEN version =5.4-alpha1, =1.0.24, =1.0.24, =1.0.24, =1.0.24, =1.0.24, =1.0.27, =1.0.24, =1.0.24, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.26, =0.0.1, =0.0.2 and more Source cves: CVE-2025-27820 Source advisory: OSV:GHSA-73M2-QFQ3-56CX...
SUSE CVE-2012-6153
http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via...
CVE-2025-32911
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
AZL-60489 CVE-2025-32911 affecting package libsoup for versions less than 3.4.4-3
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
CVE-2025-32911
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
UBUNTU-CVE-2025-32911
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
CVE-2025-32911
A concrete vulnerability exists in libsoup: a use-after-free in soup_message_headers_get_content_disposition() can lead to memory corruption in the Libsoup server/client when handling Content-Disposition parameters. Connected advisories confirm multiple related flaws in libsoup (including this CV...
CVE-2025-32911 Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
CVE-2025-32911 Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
CVE-2025-32911
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
CVE-2025-32914
A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds...
CVE-2025-32914
A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds...
CVE-2025-32914 Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process
A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds...
CVE-2025-32914 Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process
A flaw was found in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds...
CVE-2025-32914
CVE-2025-32914 affects libsoup and is described across multiple advisories (e.g., Rocky Linux, AlmaLinux/ALAS, Amazon Linux). The flaw is an out-of-bounds read in soup_multipart_new_from_message() in libsoup (soup-multipart.c), which can cause a crash or Denial of Service when processing certain ...