EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2026-1371)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw in libsoup's HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing...

EulerOS 2.0 SP12 : libsoup (EulerOS-SA-2026-1402)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw in libsoup's HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing...

EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2026-1249)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw in libsoup's HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.21 LTS and 12.21.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2026-1439)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1439 advisory. A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read. CVE-2025-32050 A flaw was found in libsoup. A vulnerability in...

Advisory ROSA-SA-2026-3191

Software: libsoup 2.62.3 OS: ROSA Virtualization 2.1 unaffected versions = libsoup-2.62.3-11.rv3 affected versions libsoup-2.62.3-11.rv3 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow during...

Advisory ROSA-SA-2026-3151

Software: libsoup 2.62.3 OS: ROSA Virtualization 3.1 unaffected versions = libsoup-2.62.3-11.rv31 affected versions libsoup-2.62.3-11.rv31 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow durin...

RLSA-2026:2214 Important: spice-client-win security update

Spice client MSI installers for Windows clients Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response...

Important: Red Hat Security Advisory: spice-client-win security update

An update for spice-client-win is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 8 : libsoup (RHSA-2026:2512)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2512 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leadi...

RockyLinux 8 : spice-client-win (RLSA-2026:2214)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2214 advisory. libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based...

AlmaLinux 10 : libsoup3 (ALSA-2026:2182)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2182 advisory. libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based...

RHEL 8 : libsoup (RHSA-2026:2402)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2402 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leadi...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : libsoup vulnerabilities (USN-8020-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8020-1 advisory. It was discovered that libsoup did not correctly handle certain URL-decoded input, which could allow for HTTP header injection. A...

RHEL 8 : spice-client-win (RHSA-2026:2214)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2214 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer...

MiracleLinux 8 : libsoup-2.62.3-9.el8_10 (AXSA:2025-9962:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9962:05 advisory. libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server...

MiracleLinux 9 : libsoup-2.72.0-10.el9_6.1 (AXSA:2025-10579:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10579:11 advisory. libsoup: Integer overflow in appendparamquoted CVE-2025-32050 libsoup: Heap buffer overflow in sniffunknown CVE-2025-32052 libsoup: Heap buffer...

MiracleLinux 7 : libsoup-2.62.2-2.0.1.0.5.el7.AXS7 (AXSA:2025-10698:12)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10698:12 advisory. CVE-2025-32050: fix overflow in appendparamquoted CVE-2025-32052: fix heap buffer overflow in soupcontentsniffersniff CVE-2025-32053: fix heap buff...

MiracleLinux 8 : libsoup-2.62.3-8.el8_10 (AXSA:2025-9911:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9911:03 advisory. libsoup: Integer overflow in appendparamquoted CVE-2025-32050 libsoup: Heap buffer overflow in sniffunknown CVE-2025-32052 libsoup: Heap buffer...

MiracleLinux 9 : libsoup-2.72.0-10.el9_6.2 (AXSA:2025-10489:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10489:08 advisory. libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server...