Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome libsoup vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-17266
libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.
Gnome Libsoup
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
516
VMScore
CVE-2010-3312
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle malicious users to spoof arbitrary https web sites via a crafted ...
Gnome Epiphany 2.28
Gnome Epiphany 2.29
445
VMScore
CVE-2012-2132
libsoup 2.32.2 and previous versions does not validate certificates or clear the trust flag when the ssl-ca-file does not exist, which allows remote malicious users to bypass authentication by connecting with a SSL connection.
Gnome Libsoup 2.32.2
445
VMScore
CVE-2011-2524
Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup prior to 2.35.4 allows remote malicious users to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.
Gnome Libsoup 2.4.0
Gnome Libsoup 2.2.103
Gnome Libsoup 2.2.99
Gnome Libsoup 2.27.4
Gnome Libsoup 2.2.104
Gnome Libsoup 2.27.1
Gnome Libsoup 2.26.1
Gnome Libsoup 2.3.0.1
Gnome Libsoup 2.33.4
Gnome Libsoup 2.23.92
Gnome Libsoup 2.28.0
Gnome Libsoup 2.31.90
Gnome Libsoup 2.2.91
Gnome Libsoup 2.31.6
Gnome Libsoup 2.2.101
Gnome Libsoup 2.2.6
Gnome Libsoup 2.30.0
Gnome Libsoup 2.4.1
Gnome Libsoup 2.2.3
Gnome Libsoup 2.29.90
Gnome Libsoup 2.0
Gnome Libsoup 2.24.1
383
VMScore
CVE-2018-11713
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be ...
Webkitgtk Webkitgtk+
Gnome Libsoup
383
VMScore
CVE-2013-1799
Gnome Online Accounts (GOA) 3.6.x prior to 3.6.3 and 3.7.x prior to 3.7.91, does not properly validate SSL certificates when creating accounts for providers who use the libsoup library, which allows man-in-the-middle malicious users to obtain sensitive information such as credent...
Gnome Gnome Online Accounts 3.6.0
Gnome Gnome Online Accounts 3.6.2
Gnome Gnome Online Accounts 3.6.1
Gnome Gnome Online Accounts 3.7.3
Gnome Gnome Online Accounts 3.7.4
Gnome Gnome Online Accounts 3.7.90
Gnome Gnome Online Accounts 3.7.2
Gnome Gnome Online Accounts 3.7.1
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started