GNOME Libsoup

libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read

CVE-2019-17266 9.8 - Critical - October 06, 2019

libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.

Out-of-bounds Read

The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2

CVE-2018-12910 9.8 - Critical - July 05, 2018

The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

Out-of-bounds Read

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit

CVE-2018-11713 6.5 - Medium - June 04, 2018

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection.

An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58

CVE-2017-2885 9.8 - Critical - April 24, 2018

An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability.

Buffer Overflow