USN-7126-1: libsoup vulnerabilities

Read Time:30 Second

It was discovered that libsoup ignored certain characters at the end of
header names. A remote attacker could possibly use this issue to perform
a HTTP request smuggling attack. (CVE-2024-52530)

It was discovered that libsoup did not correctly handle memory while
performing UTF-8 conversions. An attacker could possibly use this issue
to cause a denial of service or execute arbitrary code. (CVE-2024-52531)

It was discovered that libsoup could enter an infinite loop when reading
certain websocket data. An attacker could possibly use this issue to
cause a denial of service. (CVE-2024-52532)

Read More