Information on source package libsoup2.4

Available versions

ReleaseVersion
bullseye2.72.0-2
bullseye (security)2.72.0-2+deb11u2
bookworm2.74.3-1+deb12u1
trixie2.74.3-10.1
sid2.74.3-10.1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2025-46421vulnerablevulnerable (no DSA)vulnerablevulnerableA flaw was found in libsoup. When libsoup clients encounter an HTTP re ...
CVE-2025-46420vulnerablevulnerable (no DSA)fixedfixedA flaw was found in libsoup. It is vulnerable to memory leaks in the s ...
CVE-2025-32914fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup, where the soup_multipart_new_from_message ...
CVE-2025-32913fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup, where the soup_message_headers_get_conten ...
CVE-2025-32912fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup, where SoupAuthDigest is vulnerable to a N ...
CVE-2025-32911fixedvulnerable (no DSA)fixedfixedA use-after-free type vulnerability was found in libsoup, in the soup_ ...
CVE-2025-32910fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup, where soup_auth_digest_authenticate() is ...
CVE-2025-32909fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup. SoupContentSniffer may be vulnerable to a ...
CVE-2025-32907vulnerablevulnerable (no DSA)vulnerablevulnerableA flaw was found in libsoup. The implementation of HTTP range requests ...
CVE-2025-32906fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup, where the soup_headers_parse_request() fu ...
CVE-2025-32053fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup. A vulnerability in sniff_feed_or_html() a ...
CVE-2025-32052fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup. A vulnerability in the sniff_unknown() fu ...
CVE-2025-32050fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup. The libsoup append_param_quoted() functio ...
CVE-2025-32049vulnerablevulnerable (no DSA)vulnerablevulnerableA flaw was found in libsoup. The SoupWebsocketConnection may accept a ...
CVE-2025-4969vulnerablevulnerable (no DSA)vulnerablevulnerableA vulnerability was found in the libsoup package. This flaw stems from ...
CVE-2025-4948vulnerablevulnerable (no DSA)vulnerablevulnerableA flaw was found in the soup_multipart_new_from_message() function of ...
CVE-2025-4945vulnerablevulnerable (no DSA)vulnerablevulnerableA flaw was found in the cookie parsing logic of the libsoup HTTP libra ...
CVE-2025-4476vulnerablevulnerable (no DSA)vulnerablevulnerableA denial-of-service vulnerability has been identified in the libsoup H ...
CVE-2025-4035vulnerablevulnerable (no DSA)vulnerablevulnerableA flaw was found in libsoup. When handling cookies, libsoup clients mi ...
CVE-2025-2784fixedvulnerable (no DSA)fixedfixedA flaw was found in libsoup. The package is vulnerable to a heap buffe ...

Resolved issues

BugDescription
CVE-2025-32908A flaw was found in libsoup. The HTTP/2 server in libsoup may not full ...
CVE-2025-32051A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() fu ...
CVE-2024-52532GNOME libsoup before 3.6.1 has an infinite loop, and memory consumptio ...
CVE-2024-52531GNOME libsoup before 3.6.1 allows a buffer overflow in applications th ...
CVE-2024-52530GNOME libsoup before 3.6.0 allows HTTP request smuggling in some confi ...
CVE-2019-17266libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer ove ...
CVE-2018-12910The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows ...
CVE-2017-2885An exploitable stack based buffer overflow vulnerability exists in the ...
CVE-2011-2524Directory traversal vulnerability in soup-uri.c in SoupServer in libso ...

Security announcements

DSA / DLADescription
DLA-4140-1libsoup2.4 - security update
DLA-3992-1libsoup2.4 - security update
DLA-1416-1libsoup2.4 - security update
DSA-4241-1libsoup2.4 - security update
DSA-3929-1libsoup2.4 - security update
DSA-2369-1libsoup2.4 - directory traversal

Search for package or bug name: Reporting problems