VDB
GCVE-110-MAGEIA-2024-382
GCVE-110-MAGEIA-2024-382
Advisory Published
GNOME libsoup before 3.6.0 allows HTTP request smuggling in some
configurations because '\0' characters at the end of header names are
ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the
same as a "Transfer-Encoding: chunked" header. (CVE-2024-52530)
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that
perform conversion to UTF-8 in soup_header_parse_param_list_strict.
Input received over the network cannot trigger this. (CVE-2024-52531)
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption.
during the reading of certain patterns of WebSocket data from clients.
(CVE-2024-52532)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | libsoup3 | 0 (affected), 3.4.2-1.1.mga9 (unaffected) | — |
| Mageia | libsoup | 0 (affected), 2.74.3-1.1.mga9 (unaffected) | — |
References
Browse GCVE Records
73,738 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.