pkg:Debian/libsoup3

50 total CVEsCRITICAL2HIGH17MEDIUM28LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2026-2369A flaw was found in libsoup.
    from 0
  • CRITICAL9.0CVE-2025-32911A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function.
    from 0, < 3.2.3-0+deb12u1
  • HIGH8.6CVE-2026-1761A flaw was found in libsoup.
    from 0
  • HIGH8.6CVE-2026-0719A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network com…
    from 0
  • HIGH8.2CVE-2026-5119A flaw was found in libsoup.
    from 0
  • HIGH8.2CVE-2026-2436A flaw was found in libsoup's SoupServer.
    from 0
  • HIGH8.2CVE-2025-14523A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side process…
    from 0
  • HIGH7.5CVE-2026-4271A flaw was found in libsoup, a library for handling HTTP requests.
    from 0
  • HIGH7.5CVE-2025-12105A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to m…
    from 0
  • HIGH7.5CVE-2025-11021A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communi…
    from 0
  • HIGH7.5CVE-2025-4948A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other a…
    from 0
  • HIGH7.5CVE-2025-32913A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference.
    from 0
  • HIGH7.5CVE-2025-32908A flaw was found in libsoup.
    from 0
  • HIGH7.5CVE-2025-32906A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read.
    from 0, < 3.2.3-0+deb12u1
  • HIGH7.5CVE-2025-32049A flaw was found in libsoup.
    from 0
  • HIGH7.5CVE-2024-52532GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption.
    from 0, < 3.2.3-0+deb12u1
  • HIGH7.5CVE-2024-52530libsoup2.4 - security update
    from 0, < 3.2.3-0+deb12u1
  • HIGH7.4CVE-2025-32914A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read.
    from 0
  • HIGH7.3CVE-2026-3099A flaw was found in Libsoup.
    from 0
  • MEDIUM6.8CVE-2025-46421A flaw was found in libsoup.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM6.5CVE-2026-3634A flaw was found in libsoup.
    from 0
  • MEDIUM6.5CVE-2026-3633A flaw was found in libsoup.
    from 0
  • MEDIUM6.5CVE-2026-1801A flaw was found in libsoup, an HTTP client/server library.
    from 0
  • MEDIUM6.5CVE-2025-4969A vulnerability was found in the libsoup package.
    from 0
  • MEDIUM6.5CVE-2025-46420A flaw was found in libsoup.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM6.5CVE-2025-32912A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM6.5CVE-2025-32910A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM6.5CVE-2025-32053A flaw was found in libsoup.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM6.5CVE-2025-32052A flaw was found in libsoup.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM6.5CVE-2025-2784libsoup2.4 - security update
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM6.5CVE-2024-52531GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM5.9CVE-2025-9901A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses.
    from 0
  • MEDIUM5.9CVE-2025-32051A flaw was found in libsoup.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM5.9CVE-2025-32050A flaw was found in libsoup.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM5.8CVE-2026-1539A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations.
    from 0
  • MEDIUM5.5CVE-2026-3632A flaw was found in libsoup, a library used by applications to send network requests.
    from 0
  • MEDIUM5.3CVE-2026-2708A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic.
    from 0
  • MEDIUM5.3CVE-2026-2443A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems.
    from 0
  • MEDIUM5.3CVE-2026-1760A flaw was found in SoupServer.
    from 0
  • MEDIUM5.3CVE-2026-1536A flaw was found in libsoup.
    from 0
  • MEDIUM5.3CVE-2026-1467A flaw was found in libsoup, an HTTP client library.
    from 0
  • MEDIUM5.3CVE-2025-32909A flaw was found in libsoup.
    from 0, < 3.2.3-0+deb12u1
  • MEDIUM5.3CVE-2025-32907A flaw was found in libsoup.
    from 0
  • MEDIUM4.8CVE-2026-6324A flaw was found in libsoup.
    from 0
  • MEDIUM4.8CVE-2026-0716A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages.
    from 0
  • MEDIUM4.3CVE-2025-4476libsoup2.4 - security update
    from 0
  • MEDIUM4.3CVE-2025-4035A flaw was found in libsoup.
    from 0
  • LOW3.7CVE-2025-4945A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software.
    from 0
  • CVE-2025-8197Rejected reason: Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465
    from 0
  • CVE-2025-7370Rejected reason: Upon investigtion upstream maintainers discovered this was not a real issue.
    from 0