6 matches found
CRLF Injection
Overview Affected versions of this package are vulnerable to CRLF Injection via improper input sanitization in the soupmessageheaderssetcontenttype function. An attacker can inject arbitrary HTTP headers and manipulate responses by supplying specially crafted values to the Content-Type header...
CLSA-2025-1750784473 libsoup: Fix of 2 CVEs
CVE-2025-32911: fix use-after-free vulnerability in soupmessageheadersgetcontentdisposition function - CVE-2025-32913: fix NULL pointer dereference in soupmessageheadersgetcontentdisposition function...
Astra Linux – Vulnerability in libsoup3, libsoup2.4
A flaw was discovered in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...
libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
SUSE CVE-2025-32911
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
libsoup 安全漏洞
libsoup is a GNOME HTTP client/server library from the GNOME Project. A security vulnerability exists in libsoup, which stems from a double release issue in the function soupmessageheadersgetcontentdisposition...