Lucene search
K

6 matches found

Snyk
Snyk
added 2026/03/06 5:5 a.m.4 views

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection via improper input sanitization in the soupmessageheaderssetcontenttype function. An attacker can inject arbitrary HTTP headers and manipulate responses by supplying specially crafted values to the Content-Type header...

6.5CVSS5.9AI score0.00184EPSS
Exploits1References2
OSV
OSV
added 2025/06/24 5:1 p.m.3 views

CLSA-2025-1750784473 libsoup: Fix of 2 CVEs

CVE-2025-32911: fix use-after-free vulnerability in soupmessageheadersgetcontentdisposition function - CVE-2025-32913: fix NULL pointer dereference in soupmessageheadersgetcontentdisposition function...

9CVSS7.2AI score0.00798EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in libsoup3, libsoup2.4

A flaw was discovered in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

7.5CVSS7.2AI score0.00694EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/06 1:53 p.m.6 views

libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value

A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...

9CVSS7.3AI score0.00798EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/04/16 2:35 a.m.3 views

SUSE CVE-2025-32911

A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...

8.1CVSS7AI score0.00798EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/04/14 12:0 a.m.3 views

libsoup 安全漏洞

libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup, which stems from a double release issue in the function soupmessageheadersgetcontentdisposition...

9CVSS8.5AI score0.00798EPSS
Exploits0References3
Rows per page
Query Builder