Search CVE reports


Toggle filters

1 – 10 of 59 results


CVE-2026-15714

Medium priority
Needs evaluation

An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-15711

Medium priority
Needs evaluation

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 ยง5.5, which mandates that all WebSocket control frames (e.g., PING, PONG, CLOSE)...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-15709

Medium priority
Needs evaluation

A flaw was found in libsoup's WebSocket implementation when using the permessage-deflate extension. The extension's decompression loop (inflate()) processes data in chunks without enforcing an upper boundary limit on the output...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-12549

Medium priority
Needs evaluation

The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When a client sends a Range request with a suffix length exceeding the content size,...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-6324

Medium priority
Needs evaluation

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This vulnerability occurs when...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-2708

Medium priority
Needs evaluation

A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-5119

Medium priority

Some fixes available 7 of 11

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Fixed Fixed Fixed Fixed Fixed
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-2436

Medium priority
Needs evaluation

A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending....

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Not affected Not affected Not affected Not affected Not affected
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2026-2369

Medium priority

Some fixes available 6 of 9

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Fixed Fixed Fixed Fixed Fixed
libsoup3 Not affected Needs evaluation Needs evaluation
Show less packages

CVE-2026-4271

Medium priority
Needs evaluation

A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2...

2 affected packages

libsoup2.4, libsoup3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libsoup2.4 Not affected Not affected Not affected Not affected Not affected
libsoup3 Needs evaluation Needs evaluation Needs evaluation
Show less packages