Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

A flaw was found in the soupmultipartnewfrommessage function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal...

RHEL 8 : libsoup (RHSA-2025:8482)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8482 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in...

RHEL 9 : libsoup (RHSA-2025:8481)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8481 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in...

RHEL 8 : libsoup (RHSA-2025:8480)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:8480 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in...

SUSE CVE-2025-49112

setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev-size - prev-used...

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 CVE-2025-32906: Fixed out of bounds reads in...

SUSE-SU-2025:01802-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 - CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 - CVE-2025-32906: Fixed out of bounds reads in...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

UBUNTU-CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

CVE-2024-54028 is a memory corruption vulnerability in catdoc 0.95, caused by an integer underflow in the OLE Document DIFAT Parser. A specially crafted file can trigger heap-based memory corruption. Reports in Debian/Mageia advisories indicate fixes are available in updated catdoc packages (e.g....

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-54028

An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-49112

A flaw was found in valkey. An integer underflow in the setDeferredReply function of networking.c allows an adjacent network attacker to potentially trigger unexpected behavior. This underflow occurs when calculating prev-size - prev-used, leading to a condition that may result in a denial of...

CVE-2025-49112

setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev-size - prev-used...