6 matches found
libsoup3 security update
An update is available for libsoup3. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Libsoup is an HTTP library implementation in C. It was originally part of a...
libsoup: Cookie domain validation bypass via uppercase characters in libsoup
A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set...
CVE-2025-4035 Libsoup: cookie domain validation bypass via uppercase characters in libsoup
A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set...
CVE-2025-4035 Libsoup: cookie domain validation bypass via uppercase characters in libsoup
A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set...
libsoup 安全漏洞
libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup that stems from bypassing cookie domain validation via capitalized characters...
SUSE-SU-2019:2114-1 Security update for python
This update for python fixes the following issues: - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation bsc1141853...