Search CVE reports
11 – 20 of 32 results
A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Not affected | Not in release | — |
| libsoup2.4 | Not affected | Not affected | Not affected | Not affected |
Some fixes available 9 of 11
A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the...
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service (DoS).
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Not affected | Not affected | Not affected | Not affected |