ROOT-OS-DEBIAN-13-CVE-2026-5119 CVE-2026-5119 in rootio-libsoup3 - Patched by Root

Root has patched CVE-2026-5119 in the rootio-libsoup3 package for Root:Debian:13. Multiple fixed versions available...

Astra Linux – Vulnerability in libsoup2.4

GNOME libsoup before version 3.6.1 has an infinite loop and consumes a large amount of memory during the reading of certain patterns of WebSocket data from clients...

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup. A vulnerability exists in the functions snifffeedorhtml and skipinsignificantspace, which may lead to an over-reading of the heap buffer...

[SECURITY] Fedora 43 Update: libsoup3-3.6.6-3.fc43

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

RHSA-2026:17482 Red Hat Security Advisory: libsoup3 security update

Bulletin has no description...

RHEL 10 : libsoup3 (RHSA-2026:15968)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:15968 advisory. Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup,...

Oracle Linux 10 : libsoup3 (ELSA-2026-15968)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-15968 advisory. - Add patches for CVE-2026-4271 and CVE-2026-5119 - Add patch for CVE-2026-1761 - Fix CVE-2026-0719 - Fix CVE-2025-14523 - Add patch for CVE-2025-121...

Fedora 44 : libsoup3 (2026-55dabf3975)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-55dabf3975 advisory. Add patch for CVE-2026-1539 Also remove Proxy-Authorization header on cross origin redirect Tenable has extracted the preceding description block directly fr...

[SECURITY] Fedora 43 Update: libsoup3-3.6.6-2.fc43

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

Linux Distros Unpatched Vulnerability : CVE-2026-0716

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup's WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming...

RockyLinux 10 : libsoup3 (RLSA-2025:23139)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23139 advisory. libsoup: Heap Use-After-Free in libsoup message queue handling during HTTP/2 read completion CVE-2025-12105 Tenable has extracted the preceding description bloc...

Oracle Linux 10 : libsoup3 (ELSA-2025-23139)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-23139 advisory. 3.6.5-7 - Add patch for CVE-2025-12105 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

OESA-2025-2279 libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. Security Fixes: A denial-of-service vulnerability has been identified in the libso...

[SECURITY] Fedora 41 Update: libsoup3-3.6.5-2.fc41

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

Astra Linux – Vulnerability in libsoup3, libsoup2.4

A flaw was discovered in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range multiple times in a single HTTP request, causing the server to use large amounts of memory. This does not resul...

Astra Linux – Vulnerability in libsoup3, libsoup2.4

A flaw was discovered in libsoup. The libsoup appendparamquoted function may contain an overflow bug, which can lead to a buffer under-read...

USN-7543-1 libsoup3, libsoup2.4 vulnerabilities

Jan Różański discovered that libsoup incorrectly handled certain headers when sending HTTP/2 requests over TLS. An attacker could possibly use this issue to cause a denial of service. This issue only affected libsoup3 in Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. CVE-2025-32908 Jan Różańsk...