3 matches found
PT-2026-30630
Distribution versions prior to 3.1.0 are affected by an issue where the software incorrectly handles token authentication endpoints. Specifically, when operating in pull-through cache mode, the software parses WWW-Authenticate challenges from the upstream registry without validating the realm URL...
SUSE CVE-2019-17266
libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soupntlmparsechallenge in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy...
DEBIAN-CVE-2019-17266
libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soupntlmparsechallenge in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy...