Описание
A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.74.3-10.1ubuntu4 |
| esm-infra/bionic | released | 2.62.1-1ubuntu0.4+esm6 |
| esm-infra/focal | released | 2.70.0-1ubuntu0.5+esm1 |
| esm-infra/xenial | released | 2.52.2-1ubuntu0.3+esm5 |
| focal | ignored | end of standard support, was deferred [2025-05-22] |
| jammy | released | 2.74.2-3ubuntu0.6 |
| noble | released | 2.74.3-6ubuntu1.6 |
| oracular | ignored | end of life, was needs-triage |
| plucky | released | 2.74.3-10ubuntu0.4 |
| questing | released | 2.74.3-10.1ubuntu4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.6.5-3 |
| esm-apps/jammy | released | 3.0.7-0ubuntu1+esm5 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needed | |
| noble | released | 3.4.4-5ubuntu0.5 |
| oracular | ignored | end of life, was needs-triage |
| plucky | released | 3.6.5-1ubuntu0.2 |
| questing | released | 3.6.5-3 |
| upstream | needs-triage |
Показывать по
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).
A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).
Libsoup: off-by-one out-of-bounds read in find_boundary() in soup-multipart.c
A vulnerability was found in the libsoup package. This flaw stems from ...
A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).
EPSS
6.5 Medium
CVSS3