Genivia Gsoap
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Genivia Gsoap.
By the Year
In 2026 there have been 1 vulnerability in Genivia Gsoap with an average score of 7.5 out of ten. Last year, in 2025 Gsoap had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Gsoap in 2026 could surpass last years number. Interestingly, the average vulnerability score and the number of vulnerabilities for 2026 and last year was the same.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 7.50 |
| 2025 | 1 | 7.50 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 6 | 8.27 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 0.00 |
It may take a day or so for new Gsoap vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Genivia Gsoap Security Vulnerabilities
gSOAP 2.8 Directory Traversal via Malicious GET
CVE-2019-25355
7.5 - High
- February 18, 2026
gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.
Directory traversal
Genivia gSOAP XML DoS via Duplicate ID Attribute
CVE-2024-4227
7.5 - High
- January 15, 2025
In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS.
Excessive Iteration
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107
CVE-2021-21783
9.8 - Critical
- March 25, 2021
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Integer Overflow or Wraparound
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107
CVE-2020-13578
7.5 - High
- February 10, 2021
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
NULL Pointer Dereference
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107
CVE-2020-13577
7.5 - High
- February 10, 2021
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
NULL Pointer Dereference
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107
CVE-2020-13576
9.8 - Critical
- February 10, 2021
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Integer Overflow or Wraparound
A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107
CVE-2020-13575
7.5 - High
- February 10, 2021
A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
NULL Pointer Dereference
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107
CVE-2020-13574
7.5 - High
- February 10, 2021
A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
NULL Pointer Dereference
Genivia gSOAP 2.7.x and 2.8.x before 2.8.75
CVE-2019-7659
- February 09, 2019
Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ libraries, as these are built with that flag.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Genivia Gsoap or by Genivia? Click the Watch button to subscribe.
