CVE search results

1 – 10 of 46 results

Detailed view

Sort by:

CVE-2026-0716

Medium priority

Vulnerable

A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended...

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libsoup3	Vulnerable	Vulnerable	—	—

CVE-2026-3634

Medium priority

Vulnerable

CRLF injection in soup_message_headers_set_content_type()

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libsoup3	Vulnerable	Vulnerable	—	—

CVE-2026-3633

Medium priority

Vulnerable

CRLF injection in soup_message_new() when method is user provided

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libsoup3	Vulnerable	Vulnerable	—	—

CVE-2026-3632

Medium priority

Vulnerable

CRLF injection in hostname leading to request smuggling via URL

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libsoup3	Vulnerable	Vulnerable	—	—

CVE-2026-3099

Low priority

Vulnerable

Broken Authentication: Digest Nonce Replay via Missing Nonce-Count Enforcement

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libsoup3	Vulnerable	Vulnerable	—	—

CVE-2026-2708

Medium priority

Needs evaluation

[libsoup: HTTP/1 request smuggling primitives accepted (CL.CL and TE+CL) in soup_headers_parse()]

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libsoup3	Needs evaluation	Needs evaluation	—	—

CVE-2026-2443

Medium priority

Needs evaluation

A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations,...

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libsoup3	Needs evaluation	Needs evaluation	—	—

CVE-2026-2369

Medium priority

Needs evaluation

Integer underflow in CVE-2025-32052 fix when resource_length=0

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libsoup3	Needs evaluation	Needs evaluation	—	—

CVE-2026-1801

Medium priority

Needs evaluation

A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soup_filter_input_stream_read_line() logic, where libsoup accepts malformed chunk...

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libsoup3	Needs evaluation	Needs evaluation	—	—

CVE-2026-1761

Medium priority

Needs evaluation

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially...

2 affected packages

libsoup2.4, libsoup3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libsoup2.4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libsoup3	Needs evaluation	Needs evaluation	—	—

Export to JSON

Results by page:

Search CVE reports