CVE-2011-2524

EPSS 0.85%

libsoup2.4 - directory traversal

Published: 8/31/2011Modified: 4/28/2026

Description

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.

Affected packages (2)

Debian/libsoup2.4from 0, < 2.34.3-1
Debian/libsoup2.4from 0, < 2.30.2-1+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2524