6 matches found
EUVD-2026-16342
A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the soupserverdisconnect function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a...
CVE-2026-2436
A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the soupserverdisconnect function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a...
CVE-2026-2436
A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the soupserverdisconnect function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a...
libsoup 安全漏洞
Libsoup is a GNOME project’s HTTP client/server library. Libsoup has a security vulnerability that stems from the premature release of connection objects in the soupserverdisconnect function. This can lead to reuse of released objects, potentially causing server crashes and denial-of-service...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the handlepartialget process. An attacker can access sensitive information from heap memory by sending specially crafted HTTP Range headers to a server using the embedded SoupServer component. This is only...
CVE-2026-2443 Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure
A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server...