Search CVE reports
1 – 3 of 3 results
CVE-2024-52532
Medium prioritySome fixes available 8 of 9
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.
2 affected packages
libsoup2.4, libsoup3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
| libsoup3 | Fixed | Fixed | Not in release | — | — |
CVE-2024-52531
Medium prioritySome fixes available 8 of 9
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this.
2 affected packages
libsoup2.4, libsoup3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
| libsoup3 | Fixed | Fixed | Not in release | — | — |
CVE-2024-52530
Medium prioritySome fixes available 7 of 8
GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a...
2 affected packages
libsoup2.4, libsoup3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
| libsoup3 | Fixed | Fixed | Not in release | — | — |