7 matches found
RLSA-2025:20959 Important: libsoup security update
The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup CVE-2025-4945 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library CVE-2025-11021 For more details about the...
libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup
A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...
Alibaba Cloud Linux 3 : 0176: libsoup (ALINUX3-SA-2025:0176)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0176 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-11021: A flaw was found in the...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.16 LTS and 12.16.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2025-4945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processin...
Linux Distros Unpatched Vulnerability : CVE-2025-4035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least...
PT-2025-22041
Name of the Vulnerable Software and Affected Versions: libsoup affected versions not specified Description: A flaw was found in the cookie parsing logic of the libsoup HTTP library, which is used in GNOME applications and other software. The issue arises when processing the expiration date of...