CVE-2024-52532

Опубликовано: 11 нояб. 2024

Источник: debian

EPSS Низкий

Описание

GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.

Пакет	Статус	Версия исправления	Релиз	Тип
libsoup3	fixed	3.6.0-4		package
libsoup3	no-dsa		bookworm	package
libsoup2.4	fixed	2.74.3-8.1		package
libsoup2.4	fixed	2.74.3-1+deb12u1	bookworm	package

https://gitlab.gnome.org/GNOME/libsoup/-/issues/391
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/410
Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/6adc0e3eb74c257ed4e2a23eb4b2774fdb0d67be (master)
Test fix #1: https://gitlab.gnome.org/GNOME/libsoup/-/commit/29b96fab2512666d7241e46c98cc45b60b795c0c (master)
Test fix #2: https://gitlab.gnome.org/GNOME/libsoup/-/commit/4c9e75c6676a37b6485620c332e568e1a3f530ff (master)

EPSS

Процентиль: 25%

0.0008

Низкий

CVE-2024-52532

CVSS3: 7.5

ubuntu

7 месяцев назад

GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.

CVE-2024-52532

CVSS3: 7.5

redhat

7 месяцев назад

GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.

CVE-2024-52532

CVSS3: 7.5

nvd

7 месяцев назад

GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.

CVE-2024-52532

CVSS3: 7.5

msrc

7 месяцев назад

Описание отсутствует

GHSA-f6qg-rg6j-cxgf

CVSS3: 7.5

github

7 месяцев назад

GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.

EPSS

Процентиль: 25%

0.0008

Низкий