22 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-016813)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016813 advisory. A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...
OPENSUSE-SU-2026:20384-1 Security update for libsoup
This update for libsoup fixes the following issues: Update to libsoup 3.6.6: - CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion bsc1252555. - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy bsc1254876. - CVE-2025-32049:...
Low: firefox
Issue Overview: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used...
AZL-77087 CVE-2026-25727 affecting package rust 1.75.0-25
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...
AZL-76994 CVE-2026-25727 affecting package kata-containers 3.19.1.kata2-4
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...
AZL-76821 CVE-2026-25727 affecting package azl-compliance for versions less than 1.0.2-3
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...
CVE-2026-25727
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...
CVE-2026-25727
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...
libsoup3 security update
3.6.5-9 - Fix CVE-2026-0719 3.6.5-8 - Fix CVE-2025-14523 3.6.5-7 - Add patch for CVE-2025-12105 3.6.5-6 - Fix integer overflow in date/time parsing 3.6.5-5 - Bump revision number 3.6.5-4 - Fix several CVEs...
CLSA-2025-1764678192 libsoup: Fix of 2 CVEs
CVE-2025-4945: fix integer overflow vulnerability in date/time parsing - CVE-2025-11021: fix out-of-bounds memory read in cookie date handling logic...
SUSE SLES12: libsoup-2_4-1 / libsoup-2_4-1-32bit / libsoup-devel / libsoup-lang / etc (SUSE-SU-2025:03026-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:03026-1 advisory. - CVE-2025-4945: Add value checks for date/time parsing bsc1243314. Tenable has extracted the preceding description block directly from the SUSE...
SUSE-SU-2025:03026-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2025-4945: Add value checks for date/time parsing bsc1243314...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-4945: Add value checks for date/time parsing bsc1243314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...
SUSE-SU-2025:02737-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2025-4945: Add value checks for date/time parsing bsc1243314...
Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601().
...
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-4945: Add value checks for date/time parsing bsc1243314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...
SUSE-SU-2025:02277-1 Security update for libsoup2
This update for libsoup2 fixes the following issues: - CVE-2025-4945: Add value checks for date/time parsing bsc1243314...
Security update for libsoup
This update for libsoup fixes the following issues: CVE-2025-4945: Add value checks for date/time parsing bsc1243314. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command liste...
SUSE-SU-2025:02276-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2025-4945: Add value checks for date/time parsing bsc1243314...
SUSE-SU-2025:02212-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2025-4945: Add value checks for date/time parsing bsc1243314...