Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources

...

EUVD-2026-13105

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...

UBUNTU-CVE-2026-2369

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...

CVE-2026-2369

A vulnerability CVE-2026-2369 exists in libsoup where an integer underflow occurs when processing content with a zero-length resource, causing a buffer overread. Connected sources indicate this affects libsoup versions older than 3.4.4-14, with a patched release available (3.4.4-14). Potential im...

CVE-2026-2369 Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...

CVE-2026-2369

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...

SUSE-SU-2026:0834-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2025-32049: denial of service attack to websocket server bsc1240751. - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. - CVE-2026-1539: proxy authentication credentials leaked via...

OESA-2026-1449 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in SoupServer. This HTTP request smuggling vulnerability occur...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the process when handling zero-length resources. An attacker can access sensitive information or cause a denial of service by submitting specially crafted content. Remediation A fix was pushed in...

libsoup 数字错误漏洞

Libsoup is a GNOME project’s HTTP client/server library. Libsoup has a numerical error vulnerability, which stems from integer underflow when handling zero-length resources, leading to excessive buffer reading...