Threats Tagged 'cve-2025-4948'

A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.

Multiple security vulnerabilities have been identified in the libsoup HTTP client and server library for GNOME, affecting Red Hat Enterprise Linux 8. These include heap buffer over-read, denial of service via websocket server, out-of-bounds read causing process crash, and integer underflow leading to denial of service. Red Hat has issued an important security advisory with updates to address these issues.

Multiple security vulnerabilities have been identified in the libsoup HTTP client and server library for GNOME, affecting Red Hat Enterprise Linux 8.8 Extended Update Support. The issues include a heap buffer over-read, denial of service attacks via websocket server and integer underflow, and out-of-bounds read leading to process crashes. Red Hat has released an important security update addressing these vulnerabilities.

Multiple security vulnerabilities have been identified in the libsoup HTTP client and server library for GNOME, affecting Red Hat Enterprise Linux 8.2 AUS. These include heap buffer over-read, denial of service via websocket server, out-of-bounds read leading to process crash, and integer underflow causing denial of service. Red Hat has issued an important security advisory with updates to address these issues.

Multiple security vulnerabilities have been identified in the libsoup HTTP client and server library for GNOME, affecting Red Hat Enterprise Linux 8.6 variants. These include a heap buffer over-read, denial of service (DoS) attacks via websocket server and integer underflow, and an out-of-bounds read leading to process crashes. Red Hat has issued an important security advisory with updated libsoup packages to address these issues.

Multiple security vulnerabilities have been identified in the libsoup HTTP client and server library for GNOME, affecting Red Hat Enterprise Linux 8.4. These include heap buffer over-read, denial of service via websocket server, out-of-bounds read causing process crash, and integer underflow leading to denial of service. Red Hat has issued an important security advisory with updates addressing these issues.