Lucene search
K

51 matches found

Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-26956

Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description A use-after-free issue exists in libsoup's SoupServer. Specifically, the soup server disconnect function can free connection objects before a TLS handshake is finished. If the handshake...

8.2CVSS5.8AI score0.00447EPSS
Exploits1References21
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.5 views

PT-2026-7987

Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description A flaw exists in libsoup, an HTTP library used in GNOME-based systems. Improper validation of HTTP Range headers when processing specially crafted requests can lead to out-of-bounds read acce...

5.3CVSS6.2AI score0.0043EPSS
Exploits0References81
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.6 views

PT-2026-5660

Name of the Vulnerable Software and Affected Versions SoupServer affected versions not specified Description A flaw exists in SoupServer related to improper handling of HTTP requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. This can lead to an HTTP request...

5.3CVSS6.2AI score0.00423EPSS
Exploits0References80
SUSE CVE
SUSE CVE
added 2023/02/15 5:52 a.m.3 views

SUSE CVE-2011-2524

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e encoded dot dot in a URI...

5CVSS6.9AI score0.01925EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.18 views

Scientific Linux Security Update : libsoup on SL6.x i386/x86_64

libsoup is an HTTP client/library implementation for GNOME. A directory traversal flaw was found in libsoup's SoupServer. If an application used SoupServer to implement an HTTP service, a remote attacker who is able to connect to that service could use this flaw to access any local files accessib...

5CVSS6.9AI score0.01925EPSS
Exploits0References2
NVD
NVD
added 2011/08/31 11:55 p.m.7 views

CVE-2011-2524

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e encoded dot dot in a URI...

5CVSS6.4AI score0.01925EPSS
Exploits0References8
OSV
OSV
added 2011/08/31 11:55 p.m.2 views

DEBIAN-CVE-2011-2524

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e encoded dot dot in a URI...

5CVSS6.9AI score0.01925EPSS
Exploits0References1
Cvelist
Cvelist
added 2011/08/31 11:0 p.m.15 views

CVE-2011-2524

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e encoded dot dot in a URI...

9.2AI score0.01925EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2011/08/31 11:0 p.m.14 views

CVE-2011-2524

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e encoded dot dot in a URI...

5CVSS8.3AI score0.01925EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2011/07/28 6:7 p.m.5 views

libsoup: SoupServer directory traversal flaw

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e encoded dot dot in a URI...

5CVSS7.3AI score0.01925EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2011/06/23 12:0 a.m.16 views

libsoup -- unintentionally allow access to entire local filesystem

Dan Winship reports: Fixed a security hole that caused some SoupServer users to unintentionally allow accessing the entire local filesystem when they thought they were only providing access to a single directory...

7.5CVSS7.3AI score0.00858EPSS
Exploits0References2
Rows per page
Query Builder