cbcvebase.
CVE-2018-12910
published 2018-07-05

CVE-2018-12910: The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

Affected

14 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiandebian_linux
debiandebian_linux
debianlibsoup2.4< libsoup2.4 2.62.2-2 (bookworm)libsoup2.4 2.62.2-2 (bookworm)
gnomelibsoup
opensuseleap
redhatansible_tower
redhatenterprise_linux_desktop
redhatenterprise_linux_server
redhatenterprise_linux_workstation
redhatopenshift_container_platform

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL