Описание
A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The soup_header_name_to_string function does not validate the name parameter passed in, and directly accesses soup_header_name_strings[name]. The value of name is controllable, when name exceeds the index range of soup_headr_name_string, it will cause an out-of-bounds access.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | deferred | 2025-07-28 |
| esm-infra/bionic | deferred | 2025-07-28 |
| esm-infra/focal | deferred | 2025-07-28 |
| esm-infra/xenial | deferred | 2025-07-28 |
| focal | ignored | end of standard support, was needs-triage |
| jammy | deferred | 2025-07-28 |
| noble | deferred | 2025-07-28 |
| plucky | deferred | 2025-07-28 |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | deferred | 2025-07-28 |
| esm-apps/jammy | deferred | 2025-07-28 |
| jammy | deferred | 2025-07-28 |
| noble | deferred | 2025-07-28 |
| plucky | deferred | 2025-07-28 |
| upstream | needs-triage |
Показывать по
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and directly accesses `soup_header_name_strings[name]`. The value of `name` is controllable, when `name` exceeds the index range of `soup_headr_name_string`, it will cause an out-of-bounds access.
A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and directly accesses `soup_header_name_strings[name]`. The value of `name` is controllable, when `name` exceeds the index range of `soup_headr_name_string`, it will cause an out-of-bounds access.
A global buffer overflow vulnerability was found in the soup_header_na ...
A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and directly accesses `soup_header_name_strings[name]`. The value of `name` is controllable, when `name` exceeds the index range of `soup_headr_name_string`, it will cause an out-of-bounds access.
EPSS
5.5 Medium
CVSS3