11 matches found
OESA-2026-2667 libsoup3 security update
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. Security Fixes: A flaw was found in libsoup. The SoupWebsocketConnection may accep...
Astra Linux – Vulnerability in libsoup2.4
A flaw was discovered in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which could cause libsoup to allocate memory and lead to a denial of service DoS attack...
CVE-2026-41400
OpenClaw (voice-call component) before 2026.3.31 is affected by an incomplete fix for CVE-2026-32062: the voice-call module parses oversized WebSocket frames before start validation, allowing remote attackers to cause resource consumption and denial of service. Affected package: openclaw and @ope...
MiracleLinux 7 : libsoup-2.62.2-2.0.5.0.1.el7.AXS7 (AXSA:2025-11110:15)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11110:15 advisory. CVE-2025-4948: fix integer underflow in soupmultipartnewfrommessage CVE-2025-32049: fix Denial of Service attack to websocket server CVE-2025-32914...
Linux Distros Unpatched Vulnerability : CVE-2025-32049
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial o...
CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
AZL-59539 CVE-2025-32049 affecting package libsoup for versions less than 3.0.4-12
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
DEBIAN-CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service DoS...
CVE-2021-21419
Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to...
Eventlet 资源管理错误漏洞
Eventlet is a concurrent networking library for Python. A resource management error vulnerability exists in Eventlet versions prior to 0.31.0, which stems from the possibility that a websocket peer may exhaust memory on the Eventlet side by sending very large websocket frames...
Denial of Service
Overview Affected versions of uws do not properly handle large websocket messages when permessage-deflate is enabled, which may result in a denial of service condition. If uws recieves a 256Mb websocket message when permessage-deflate is enabled, the server will compress the message prior to...