243 matches found
SUSE-SU-2025:20446-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed Heap buffer over-read in skipinsignificantspace when sniffing content bsc1240750 - CVE-2025-32050:Fixed Integer overflow in appendparamquoted bsc1240752 - CVE-2025-32051:Fixed Segmentation fault when parsing malformed data...
The vulnerability of the soup_uri_decode_data_uri() function in the GNOME graphical interface library libsoup allows a attacker to cause a service failure.
The vulnerability of the soupuridecodedatauri function in the libsoup library, a GNOME graphical interface library, is related to insufficient checking of exceptional states. Exploiting this vulnerability could allow an attacker to cause a service failure by sending a specially crafted POST reque...
CVE-2021-24559
The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the datauritometa AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI...
CVE-2025-32051
A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...
CVE-2025-32051
A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...
AZL-59526 CVE-2025-32051 affecting package libsoup for versions less than 3.0.4-6
A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...
UBUNTU-CVE-2025-32051
A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...
CVE-2025-32051
Libsoup contains a vulnerability CVE-2025-32051 where soup_uri_decode_data_uri() may crash while processing malformed data URIs, leading to a DoS. Connected advisories (SUSE/SUSE-SU-2025 series, Mageia MGASA-2025-0261, and Diz/ Nessus references) confirm this CVE among multiple libsoup issues and...
CVE-2025-32051 Libsoup: segmentation fault when parsing malformed data uri
A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...
CVE-2025-32051 Libsoup: segmentation fault when parsing malformed data uri
A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...
CVE-2025-32051 Libsoup: segmentation fault when parsing malformed data uri
A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...
CVE-2025-32051
A flaw was found in libsoup. The libsoup soupuridecodedatauri function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service DoS...
PT-2024-40550 · Mozilla · Seamonkey
Name of the Vulnerable Software and Affected Versions: SeaMonkey versions prior to 2.53.19 Description: The issue is related to a security vulnerability in SeaMonkey. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where thi...
PT-2025-14758
Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description A flaw was found in the libsoup soup uri decode data uri function, which may crash when processing malformed data URI, allowing an attacker to cause a denial of service DoS. Recommendations A...
Fedora 40 : rubygem-rails-html-sanitizer (2023-91e69ea326)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-91e69ea326 advisory. Automatic update for rubygem-rails-html-sanitizer-1.6.0-1.fc40. Changelog Thu Nov 23 2023 Vt Ondruch - 1.6.0-1 - Update to rails-html-sanitizer 1.6....
CVE-2021-24559
The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the datauritometa AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce...
CVE-2021-24559
The CVE concerns the Qyrr WordPress plugin prior to version 0.7. The vulnerability stems from two issues: (1) the plugin does not escape the data-uri of the QR Code when outputting it in a src attribute, enabling Cross-Site Scripting, and (2) the data_uri_to_meta AJAX action lacks robust CSRF pro...
PT-2024-10890 · WordPress · Qyrr Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Qyrr WordPress plugin versions prior to 0.7 Description: The issue allows for Cross-Site Scripting attacks due to the failure to escape the data-uri of the QR Code when outputting it in a src attribute. Additionally, the data uri to meta AJAX...
WordPress plugin Qyrr security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...