2 matches found
CVE-2026-12478
The fix for CVE-2026-0716 commit 6ff7ef0, libsoup 3.6.6 placed the integer overflow guard inside the if masked block, leaving unmasked server-to-client frames unprotected. A malicious WebSocket server can send a crafted unmasked frame with a payload length near UINT64MAX to trigger an OOB read in...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop in the FileTypeParser class. This is triggered when the ASF WMV/WMA parser receives input including an ASF sub-header with a size value of 0. An attacker can interrupt service with a 55-byte payload. Remediation A fix was...