25 matches found
CVE-2026-3099
Affects Libsoup’s server-side Digest authentication in SoupAuthDomainDigest. The vulnerability arises from failure to properly track issued nonces and increment nonce-count (nc), enabling a remote attacker to capture a single valid authentication header and replay it to bypass authentication and ...
CVE-2018-12910
CVE-2018-12910 affects libsoup’s soup-cookie-jar.c get_cookies with an empty hostname, allowing unspecified impact per multiple advisories. The issue is described as a denial of service risk (and related out-of-bounds read concerns in some entries) in libsoup 2.63.2 and earlier. Public disclosure...
CVE-2017-2885
CVE-2017-2885 affects GNOME libsoup 2.58, with a stack-based buffer overflow in HTTP processing that can be triggered by a crafted request, potentially allowing remote code execution. Connected advisories confirm upstream Libsoup vulnerability and provide patches across distributions (e.g., Red H...
CVE-2026-5119
CVE-2026-5119 concerns libsoup. The flaw: when establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext inside the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, enabling ...
CVE-2019-17266
CVE-2019-17266 affects Libsoup (versions 2.65.1–2.68.1) with a heap-based buffer over-read caused by an insufficient length check in soup_ntlm_parse_challenge() before a memcpy. This could enable a remote attacker to trigger a denial of service; CVSS3/10 scores indicate high to critical impact on...
CVE-2025-2784
CVE-2025-2784 affects the libsoup library (GNOME HTTP client/server). A heap buffer over-read/over-run vulnerability is reported in the content sniffing path, notably in skip_insignificant_space (and related sniffing functions), allowing an out-of-bounds read on crafted responses. Connected advis...
CVE-2024-52531
Summary (CVE-2024-52531 in libsoup): GNOME libsoup versions before 3.6.1 are affected. The issue is a buffer overflow in applications that perform UTF-8 conversion in soup_header_parse_param_list_strict, with a plausible remote trigger via soup_message_headers_get_content_type. This can lead to m...
CVE-2024-52532
CVE-2024-52532 affects GNOME libsoup; versions before 3.6.1 have an infinite loop when processing certain WebSocket data, causing memory exhaustion and potential denial of service. Multiple connected advisories corroborate the issue and indicate upgrading to libsoup 3.6.1 or newer as remediation....
CVE-2018-11713
CVE-2018-11713 concerns WebKitGTK's WebKit Libsoup network backend. WebCore/SocketStreamHandleImplSoup.cpp could fail to use system proxy settings for WebSocket connections in WebKitGTK+ builds prior to 2.20.0 or when libsoup 2.62.0 is not present. This could allow a crafted web page to deanonymi...
CVE-2024-52530
CVE-2024-52530 affects GNOME libsoup (libsoup) prior to 3.6.0, where HTTP header parsing ignores trailing null characters in header names, causing a potential HTTP request smuggling vulnerability via a header like Transfer-Encoding\0: chunked. Connected documents confirm the issue across multiple...
CVE-2011-2524
Summary of CVE-2011-2524 (libsoup) : A directory traversal vulnerability exists in SoupServer’s soup-uri.c in libsoup prior to 2.35.4, allowing remote attackers to read arbitrary files via a %2e%2e in the URI. The issue affects libsoup across multiple advisories and distributions (e.g., MiracleLi...
CVE-2026-3632
CVE-2026-3632 affects the libsoup library used to send network requests. The root cause is improper hostname validation which allows special characters to be injected into HTTP headers, enabling HTTP smuggling and, in some cases, Server-Side Request Forgery (SSRF) . The incident is contextualized...
CVE-2026-4271
The CVE-2026-4271 entry describes a Use-After-Free in libsoup’s HTTP/2 server implementation. A remote attacker can send specially crafted HTTP/2 requests that trigger authentication failures, leading the application to access freed memory and potentially crash or become unstable (DoS). Connected...
CVE-2012-2132
CVE-2012-2132 affects libsoup 2.32.2 and earlier. The flaw: libsoup does not validate certificates or clear the trust flag when the ssl-ca-file is missing, allowing a remote attacker to bypass authentication by using an SSL connection. Publicly documented impact is a certificate/trust bypass rath...
CVE-2026-2443
CVE-2026-2443 affects the libsoup HTTP library used in GNOME-based systems. The issue arises when processing crafted HTTP Range headers, where the library may incorrectly validate requested byte ranges, potentially allowing an out-of-bounds read via the embedded SoupServer component. The root cau...
CVE-2026-1536
CVE-2026-1536 refers to a flaw in the libsoup HTTP library where an attacker able to control the Content-Disposition header input can inject CRLF sequences. This results in arbitrary HTTP header injection or HTTP response splitting without authentication. The connected IBM ACE bulletin documents ...
CVE-2026-1801
CVE-2026-1801 affects libsoup. The vulnerability stems from non-RFC-compliant parsing in soup_filter_input_stream_read_line(), allowing malformed chunk headers (for example, lone LF instead of CRLF) to enable HTTP Request Smuggling. A remote attacker can trigger this without authentication by sen...
CVE-2026-2708
CVE-2026-2708 affects the Libsoup HTTP/1 parser. The soup_message_headers_append_common() function unconditionally appends header values without validating for duplicate or conflicting Content-Length fields, enabling HTTP request smuggling via multiple Content-Length headers with differing values...
CVE-2026-12549
The CVE-2026-12549 entry concerns GNOME Libsoup (soupserver). A regression after the fix for CVE-2026-2443 replaced specific overflow checks with a general signed comparison. When a client issues a Range request with a suffix length exceeding the content size, the resulting negative start value i...
CVE-2026-1539
The connected IBM ACE bulletin confirms CVE-2026-1539 is a libsoup HTTP library issue: during HTTP redirects, the library removes the Authorization header but may fail to remove Proxy-Authorization when redirecting to a different host, potentially leaking proxy credentials to third-party servers....
CVE-2026-1467
Libsoup contains a CRLF injection vulnerability (CVE-2026-1467) in which URL-decoded input used to form the Host header can be manipulated when an HTTP proxy is configured. A remote attacker can craft a URL with CRLF sequences to inject extra HTTP headers or request bodies, potentially affecting ...
CVE-2026-2436
CVE-2026-2436 : A use-after-free in libsoup’s SoupServer can be triggered by a TLS handshake timing issue. Specifically, soup_server_disconnect() may free connection objects prematurely; if the TLS handshake completes after the object is freed, a dangling pointer access can crash the server, caus...
CVE-2026-3634
Concrete details found: CVE-2026-3634 affects the libsoup library. The vulnerability arises in soup_message_headers_set_content_type(), where improper input sanitization allows an attacker-controlled Content-Type value to inject CRLF sequences, enabling arbitrary header-value injections and HTTP ...
CVE-2026-2369
A vulnerability CVE-2026-2369 exists in libsoup where an integer underflow occurs when processing content with a zero-length resource, causing a buffer overread. Connected sources indicate this affects libsoup versions older than 3.4.4-14, with a patched release available (3.4.4-14). Potential im...
CVE-2026-3633
Summary: CVE-2026-3633 affects libsoup and enables CRLF/header/http request injection by an attacker who can control the method parameter in soup_message_new(). The flaw arises from inadequate escaping of the method value during request line construction, potentially allowing arbitrary headers or...