Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-2369

Опубликовано: 19 мар. 2026
Источник: debian
EPSS Низкий

Описание

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libsoup3fixed3.6.6-1package
libsoup3no-dsatrixiepackage
libsoup3no-dsabookwormpackage
libsoup2.4removedpackage
libsoup2.4no-dsatrixiepackage
libsoup2.4no-dsabookwormpackage

Примечания

  • https://gitlab.gnome.org/GNOME/libsoup/-/issues/498

  • Issue introduced by the fix for CVE-2025-32052

  • Introduced with: https://gitlab.gnome.org/GNOME/libsoup/-/commit/a5b86bfc9405e01f12a975ae6898b1ce6a870e11

  • Introduced with: https://gitlab.gnome.org/GNOME/libsoup/-/commit/f182429e5b1fc034050510da20c93256c4fa9652 (3.6.1)

  • Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/b91bbd7d7888c85b17a8b33173caa806dff51681

  • Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/af4bde990270b825b7d110a495cc65de9e2ec32f (3.6.6)

EPSS

Процентиль: 15%
0.00048
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2026-2369

CVSS3: 6.5
ubuntu
около 1 месяца назад

Integer underflow in CVE-2025-32052 fix when resource_length=0

redhat логотип

CVE-2026-2369

CVSS3: 6.5
redhat
около 1 месяца назад

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.

nvd логотип

CVE-2026-2369

CVSS3: 6.5
nvd
8 дней назад

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.

msrc логотип

CVE-2026-2369

msrc
2 дня назад

Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources

github логотип

GHSA-rm63-3cv3-qm5w

CVSS3: 6.5
github
8 дней назад

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.

EPSS

Процентиль: 15%
0.00048
Низкий