pkg:Debian/libsoup2.4

55 total CVEsCRITICAL8HIGH15MEDIUM29LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2019-17266libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does n…
    from 0, < 2.68.2-1
  • CRITICAL9.8CVE-2018-12910libsoup2.4 - security update
    from 0, < 2.48.0-1+deb8u2
  • CRITICAL9.8CVE-2018-12910libsoup2.4 - security update
    from 0, < 2.56.0-2+deb9u2
  • CRITICAL9.8CVE-2018-12910libsoup2.4 - security update
    from 0, < 2.62.2-2
  • CRITICAL9.8CVE-2017-2885libsoup2.4 - security update
    from 0, < 2.48.0-1+deb8u1
  • CRITICAL9.8CVE-2017-2885libsoup2.4 - security update
    from 0, < 2.56.1-1
  • CRITICAL9.1CVE-2026-2369A flaw was found in libsoup.
    from 0
  • CRITICAL9.0CVE-2025-32911A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function.
    from 0, < 2.72.0-2+deb11u2
  • HIGH8.6CVE-2026-1761A flaw was found in libsoup.
    from 0
  • HIGH8.6CVE-2026-0719A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network com…
    from 0
  • HIGH8.2CVE-2026-5119A flaw was found in libsoup.
    from 0
  • HIGH8.2CVE-2026-2436A flaw was found in libsoup's SoupServer.
    from 0
  • HIGH8.2CVE-2025-14523A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side process…
    from 0
  • HIGH7.5CVE-2026-4271A flaw was found in libsoup, a library for handling HTTP requests.
    from 0
  • HIGH7.5CVE-2025-4948A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other a…
    from 0, < 2.72.0-2+deb11u3
  • HIGH7.5CVE-2025-32913A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference.
    from 0, < 2.72.0-2+deb11u2
  • HIGH7.5CVE-2025-32906A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read.
    from 0, < 2.72.0-2+deb11u2
  • HIGH7.5CVE-2025-32049A flaw was found in libsoup.
    from 0
  • HIGH7.5CVE-2024-52532GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption.
    from 0, < 2.72.0-2+deb11u1
  • HIGH7.5CVE-2024-52530libsoup2.4 - security update
    from 0, < 2.72.0-2+deb11u1
  • HIGH7.5CVE-2024-52530libsoup2.4 - security update
    from 0, < 2.72.0-2+deb11u1
  • HIGH7.4CVE-2025-32914A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read.
    from 0, < 2.72.0-2+deb11u2
  • HIGH7.3CVE-2026-3099A flaw was found in Libsoup.
    from 0
  • MEDIUM6.8CVE-2025-46421A flaw was found in libsoup.
    from 0
  • MEDIUM6.5CVE-2026-3634A flaw was found in libsoup.
    from 0
  • MEDIUM6.5CVE-2026-3633A flaw was found in libsoup.
    from 0
  • MEDIUM6.5CVE-2026-1801A flaw was found in libsoup, an HTTP client/server library.
    from 0
  • MEDIUM6.5CVE-2025-4969A vulnerability was found in the libsoup package.
    from 0, < 2.72.0-2+deb11u3
  • MEDIUM6.5CVE-2025-46420A flaw was found in libsoup.
    from 0
  • MEDIUM6.5CVE-2025-32912A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference.
    from 0, < 2.72.0-2+deb11u2
  • MEDIUM6.5CVE-2025-32910A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference.
    from 0, < 2.72.0-2+deb11u2
  • MEDIUM6.5CVE-2025-32053A flaw was found in libsoup.
    from 0, < 2.72.0-2+deb11u2
  • MEDIUM6.5CVE-2025-32052A flaw was found in libsoup.
    from 0, < 2.72.0-2+deb11u2
  • MEDIUM6.5CVE-2025-2784libsoup2.4 - security update
    from 0, < 2.72.0-2+deb11u2
  • MEDIUM6.5CVE-2025-2784libsoup2.4 - security update
    from 0, < 2.72.0-2+deb11u2
  • MEDIUM6.5CVE-2024-52531GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict.
    from 0, < 2.72.0-2+deb11u1
  • MEDIUM5.9CVE-2025-9901A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses.
    from 0
  • MEDIUM5.9CVE-2025-32050A flaw was found in libsoup.
    from 0, < 2.72.0-2+deb11u2
  • MEDIUM5.8CVE-2026-1539A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations.
    from 0
  • MEDIUM5.5CVE-2026-3632A flaw was found in libsoup, a library used by applications to send network requests.
    from 0
  • MEDIUM5.3CVE-2026-2708A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic.
    from 0
  • MEDIUM5.3CVE-2026-2443A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems.
    from 0
  • MEDIUM5.3CVE-2026-1760A flaw was found in SoupServer.
    from 0
  • MEDIUM5.3CVE-2026-1536A flaw was found in libsoup.
    from 0
  • MEDIUM5.3CVE-2026-1467A flaw was found in libsoup, an HTTP client library.
    from 0
  • MEDIUM5.3CVE-2025-32909A flaw was found in libsoup.
    from 0, < 2.72.0-2+deb11u2
  • MEDIUM5.3CVE-2025-32907A flaw was found in libsoup.
    from 0
  • MEDIUM4.8CVE-2026-6324A flaw was found in libsoup.
    from 0
  • MEDIUM4.8CVE-2026-0716A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages.
    from 0
  • MEDIUM4.3CVE-2025-4476libsoup2.4 - security update
    from 0, < 2.72.0-2+deb11u3
  • MEDIUM4.3CVE-2025-4476libsoup2.4 - security update
    from 0, < 2.72.0-2+deb11u3
  • MEDIUM4.3CVE-2025-4035A flaw was found in libsoup.
    from 0
  • LOW3.7CVE-2025-4945A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software.
    from 0, < 2.72.0-2+deb11u3
  • CVE-2011-2524libsoup2.4 - directory traversal
    from 0, < 2.30.2-1+squeeze1
  • CVE-2011-2524libsoup2.4 - directory traversal
    from 0, < 2.34.3-1