Search CVE reports

Toggle filters

1 – 10 of 48 results

CVE-2026-2369

Medium priority
Needs evaluation

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation
Show less packages

CVE-2026-4271

Medium priority
Needs evaluation

A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation
Show less packages

CVE-2026-3634

Medium priority
Vulnerable

A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Vulnerable Vulnerable Vulnerable Vulnerable
libsoup3 Vulnerable Vulnerable
Show less packages

CVE-2026-3633

Medium priority
Vulnerable

A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Vulnerable Vulnerable Vulnerable Vulnerable
libsoup3 Vulnerable Vulnerable
Show less packages

CVE-2026-3632

Medium priority
Vulnerable

A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Vulnerable Vulnerable Vulnerable Vulnerable
libsoup3 Vulnerable Vulnerable
Show less packages

CVE-2026-3099

Low priority
Vulnerable

A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Vulnerable Vulnerable Vulnerable Vulnerable
libsoup3 Vulnerable Vulnerable
Show less packages

CVE-2026-2436

Medium priority
Needs evaluation

[Unknown description]

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation
Show less packages

CVE-2026-2708

Medium priority
Needs evaluation

[libsoup: HTTP/1 request smuggling primitives accepted (CL.CL and TE+CL) in soup_headers_parse()]

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation
Show less packages

CVE-2026-2443

Medium priority
Needs evaluation

A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations,...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation
Show less packages

CVE-2026-1801

Medium priority
Needs evaluation

A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soup_filter_input_stream_read_line() logic, where libsoup accepts malformed chunk...

2 affected packages

libsoup2.4, libsoup3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON