3 matches found
AZL-61958 CVE-2025-4969 affecting package libsoup for versions less than 3.4.4-9
A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated...
PT-2023-21955 · Vladimir Statsenko · Terms Descriptions Plugin
Name of the Vulnerable Software and Affected Versions: Vladimir Statsenko Terms descriptions plugin versions = 3.4.4 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a...
PT-2018-11169 · Cryptolib · Cryptolib
Name of the Vulnerable Software and Affected Versions: cryptlib versions 3.4.4 and earlier Description: The issue allows a memory-cache side-channel attack on DSA and ECDSA signatures, also known as the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to...