Lucene search
+L

311 matches found

Tenable Nessus
Tenable Nessus
added 2 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-15711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 5.5, which...

7.5CVSS6.1AI score0.00431EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-15714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soupmultipartinputstreamreadheaders function...

6.5CVSS6.1AI score0.0039EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-15712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer over-read vulnerability was discovered in libsoup's versions: libsoup 3.0 to 3.7.0 HTTP/2 connection tracking framework. When the library processe...

5.9CVSS6.2AI score0.00498EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/07/09 2:13 p.m.6 views

USN-8523-1: libsoup vulnerabilities

Eric Su and Samuel Dainard discovered that libsoup incorrectly handled content with zero-length resources. An attacker could possibly use this issue to trigger a buffer over-read, resulting in information disclosure or a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04...

9.1CVSS6.8AI score0.0042EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libsoup3

A flaw was discovered in the asynchronous message queue handling of the libsoup library, which is widely used by GNOME and WebKit-based applications for managing HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed...

7.5CVSS5.7AI score0.00416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

RHEL 9 : libsoup (RHSA-2026:22317)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22317 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Information disclosure via cleartext...

8.2CVSS5.6AI score0.00254EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

libsoup 安全漏洞

Libsoup is a GNOME project’s HTTP client/server library. Libsoup has a security vulnerability, which stems from an error in the unsigned-to-signed conversion in the soupbodyinputstreamreadchunked function. This vulnerability could allow remote attackers to bypass security controls by sending...

4.8CVSS5.8AI score0.00872EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-6324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a...

4.8CVSS5.8AI score0.00872EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

TencentOS Server 3: libsoup (TSSA-2026:0368)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0368 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.15 views

Alibaba Cloud Linux 3 : 0124: libsoup (ALINUX3-SA-2026:0124)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0124 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-5119: A flaw was found in libsoup. When...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user with respect to the original host that issued the redirect...

6.8CVSS6.8AI score0.00507EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in libsoup2.4

A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives an HTTP response with a status code of 401 Unauthorized, which contains a specially crafted domain parameter within the WWW-Authenticate header...

4.3CVSS6.6AI score0.00337EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libsoup2.4

A vulnerability was discovered in the libsoup package. This flaw arises from its failure to correctly verify the termination of multipart HTTP messages. This could allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its...

6.5CVSS6.8AI score0.00765EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

RHEL 9 : libsoup (RHSA-2026:19356)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19356 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Information disclosure via cleartext...

8.2CVSS5.9AI score0.00254EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/11 9:39 p.m.44 views

libsoup: libsoup: Denial of Service via Use-After-Free in HTTP/2 server

A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the...

7.5CVSS5.8AI score0.00829EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

MiracleLinux 8 : libsoup-2.62.3-14.el8_10 (AXSA:2026-596:09)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-596:09 advisory. libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment CVE-2026-5119 Tenable has extracted the...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.6 views

AlmaLinux 8 : libsoup (ALSA-2026:14087)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:14087 advisory. libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment CVE-2026-5119 Tenable has extracted the preceding...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.10 views

MiracleLinux 9 : libsoup-2.72.0-12.el9_7.6 (AXSA:2026-573:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-573:08 advisory. libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment CVE-2026-5119 Tenable has extracted the...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/06 1:0 p.m.97 views

libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential...

8.2CVSS5.7AI score0.00254EPSS
Exploits1References5
NVD
NVD
added 2026/04/23 10:16 p.m.6 views

CVE-2026-2708

A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soupmessageheadersappendcommon function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate or conflicting Content-Length fields. This allows an attacker...

5.3CVSS0.00321EPSS
Exploits1References4
Rows per page
Query Builder