Lucene search
K

11 matches found

OSV
OSV
added 2026/06/12 12:26 p.m.7 views

OESA-2026-2667 libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. Security Fixes: A flaw was found in libsoup. The SoupWebsocketConnection may accep...

8.2CVSS6.6AI score0.00821EPSS
Exploits2References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which could cause libsoup to allocate memory and lead to a denial of service DoS attack...

7.5CVSS7AI score0.00821EPSS
Exploits0References2
CVE
CVE
added 2026/04/28 6:9 p.m.9 views

CVE-2026-41400

OpenClaw (voice-call component) before 2026.3.31 is affected by an incomplete fix for CVE-2026-32062: the voice-call module parses oversized WebSocket frames before start validation, allowing remote attackers to cause resource consumption and denial of service. Affected package: openclaw and @ope...

7.5CVSS5.2AI score0.00532EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 7 : libsoup-2.62.2-2.0.5.0.1.el7.AXS7 (AXSA:2025-11110:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11110:15 advisory. CVE-2025-4948: fix integer underflow in soupmultipartnewfrommessage CVE-2025-32049: fix Denial of Service attack to websocket server CVE-2025-32914...

7.5CVSS7.5AI score0.00821EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-32049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial o...

7.5CVSS7AI score0.00821EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/04/03 2:15 p.m.2 views

CVE-2025-32049

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...

7.5CVSS7AI score0.00821EPSS
Exploits0References17
OSV
OSV
added 2025/04/03 2:15 p.m.7 views

AZL-59539 CVE-2025-32049 affecting package libsoup for versions less than 3.0.4-12

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...

7.5CVSS7.1AI score0.00821EPSS
Exploits0References1
OSV
OSV
added 2025/04/03 2:15 p.m.2 views

DEBIAN-CVE-2025-32049

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...

7.5CVSS7.3AI score0.00821EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/05/07 3:15 p.m.37 views

CVE-2021-21419

Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to...

5.3CVSS6.8AI score0.01807EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/05/07 12:0 a.m.4 views

Eventlet 资源管理错误漏洞

Eventlet is a concurrent networking library for Python. A resource management error vulnerability exists in Eventlet versions prior to 0.31.0, which stems from the possibility that a websocket peer may exhaust memory on the Eventlet side by sending very large websocket frames...

5.3CVSS6.7AI score0.01807EPSS
Exploits0References18
Node.js
Node.js
added 2016/10/11 7:3 p.m.26 views

Denial of Service

Overview Affected versions of uws do not properly handle large websocket messages when permessage-deflate is enabled, which may result in a denial of service condition. If uws recieves a 256Mb websocket message when permessage-deflate is enabled, the server will compress the message prior to...

4.3CVSS3.6AI score0.0134EPSS
Exploits0Affected Software1
Rows per page
Query Builder