A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines.

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines.

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines.

A flaw was found in the cookie parsing logic of the libsoup HTTP libra ...

Security update for libsoup

Security update for libsoup2

Security update for libsoup

Low: libsoup3 security update

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines.

ELSA-2025-19720: libsoup3 security update (LOW)

Уязвимость библиотеки libsoup графического интерфейса GNOME, позволяющая нарушителю выполнить произвольный код

Important: libsoup3 security update

Important: libsoup security update

Important: libsoup security update

Important: libsoup security update

ELSA-2025-21032: libsoup3 security update (IMPORTANT)

ELSA-2025-20959: libsoup security update (IMPORTANT)

ELSA-2025-19714: libsoup security update (IMPORTANT)

ELSA-2025-19713: libsoup security update (IMPORTANT)

ELSA-2025-21657: libsoup security update (IMPORTANT)