Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2024-52532

Medium priority

Some fixes available 8 of 9

GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsoup2.4 Fixed Fixed Fixed Fixed Needs evaluation
libsoup3 Fixed Fixed Not in release
Show less packages

CVE-2024-52531

Medium priority

Some fixes available 8 of 9

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this.

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsoup2.4 Fixed Fixed Fixed Fixed Needs evaluation
libsoup3 Fixed Fixed Not in release
Show less packages

CVE-2024-52530

Medium priority

Some fixes available 7 of 8

GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libsoup2.4 Fixed Fixed Fixed Fixed Needs evaluation
libsoup3 Fixed Fixed Not in release
Show less packages