Search for packages
| purl | pkg:deb/debian/libsoup2.4@2.74.3-1%2Bdeb12u1 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-24tr-cene-gfch
Aliases: CVE-2025-32911 |
libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value |
Affected by 4 other vulnerabilities. |
|
VCID-4m39-v7d7-1ba7
Aliases: CVE-2025-32050 |
libsoup: Integer overflow in append_param_quoted |
Affected by 4 other vulnerabilities. |
|
VCID-6skx-v6sg-53gq
Aliases: CVE-2025-2784 |
libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content |
Affected by 4 other vulnerabilities. |
|
VCID-7hhg-3u9v-nqfw
Aliases: CVE-2025-4945 |
libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup | There are no reported fixed by versions. |
|
VCID-9uua-rxjd-fkf6
Aliases: CVE-2025-4969 |
libsoup: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c | There are no reported fixed by versions. |
|
VCID-athp-xk5g-jbhu
Aliases: CVE-2025-32909 |
libsoup: NULL Pointer Dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c |
Affected by 4 other vulnerabilities. |
|
VCID-f481-8mb7-dbed
Aliases: CVE-2025-32910 |
libsoup: Null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication |
Affected by 4 other vulnerabilities. |
|
VCID-htuv-qv35-gycj
Aliases: CVE-2025-46420 |
libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c |
Affected by 4 other vulnerabilities. |
|
VCID-k9bu-zasm-vfgr
Aliases: CVE-2025-32912 |
libsoup: NULL pointer dereference in client when server omits the "nonce" parameter in an Unauthorized response with Digest authentication |
Affected by 4 other vulnerabilities. |
|
VCID-ku6w-4wsv-qbe4
Aliases: CVE-2025-32906 |
libsoup: Out of bounds reads in soup_headers_parse_request() |
Affected by 4 other vulnerabilities. |
|
VCID-rd74-1427-eybf
Aliases: CVE-2025-4948 |
libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup | There are no reported fixed by versions. |
|
VCID-sabm-gujq-j3fb
Aliases: CVE-2025-4476 |
libsoup: Null pointer dereference in libsoup may lead to Denial Of Service | There are no reported fixed by versions. |
|
VCID-yx68-81fu-ffar
Aliases: CVE-2025-32914 |
libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process |
Affected by 4 other vulnerabilities. |
|
VCID-zhp7-2ks9-m7es
Aliases: CVE-2025-32913 |
libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header |
Affected by 4 other vulnerabilities. |
|
VCID-zrmu-bwfg-e3hp
Aliases: CVE-2025-32052 |
libsoup: Heap buffer overflow in sniff_unknown() |
Affected by 4 other vulnerabilities. |
|
VCID-zsdd-pzyb-nbdf
Aliases: CVE-2025-32053 |
libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() |
Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-24tr-cene-gfch | libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value |
CVE-2025-32911
|
| VCID-4m39-v7d7-1ba7 | libsoup: Integer overflow in append_param_quoted |
CVE-2025-32050
|
| VCID-6skx-v6sg-53gq | libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content |
CVE-2025-2784
|
| VCID-7hhg-3u9v-nqfw | libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup |
CVE-2025-4945
|
| VCID-9uua-rxjd-fkf6 | libsoup: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c |
CVE-2025-4969
|
| VCID-athp-xk5g-jbhu | libsoup: NULL Pointer Dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c |
CVE-2025-32909
|
| VCID-f481-8mb7-dbed | libsoup: Null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication |
CVE-2025-32910
|
| VCID-k9bu-zasm-vfgr | libsoup: NULL pointer dereference in client when server omits the "nonce" parameter in an Unauthorized response with Digest authentication |
CVE-2025-32912
|
| VCID-ku6w-4wsv-qbe4 | libsoup: Out of bounds reads in soup_headers_parse_request() |
CVE-2025-32906
|
| VCID-rd74-1427-eybf | libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup |
CVE-2025-4948
|
| VCID-sabm-gujq-j3fb | libsoup: Null pointer dereference in libsoup may lead to Denial Of Service |
CVE-2025-4476
|
| VCID-svba-hf1d-y7ez | libsoup: HTTP request smuggling via stripping null bytes from the ends of header names |
CVE-2024-52530
|
| VCID-uk2y-997k-4qat | libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict |
CVE-2024-52531
|
| VCID-v9pv-qh9a-97g9 | libsoup: infinite loop while reading websocket data |
CVE-2024-52532
|
| VCID-yx68-81fu-ffar | libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process |
CVE-2025-32914
|
| VCID-zhp7-2ks9-m7es | libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header |
CVE-2025-32913
|
| VCID-zrmu-bwfg-e3hp | libsoup: Heap buffer overflow in sniff_unknown() |
CVE-2025-32052
|
| VCID-zsdd-pzyb-nbdf | libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() |
CVE-2025-32053
|