CVE-2024-52532Infinite Loop in Libsoup

CWE-835Infinite Loop13 documents8 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 57.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Gnome Libsoup
Timeline
PublishedNov 11
Latest updateJun 11

Description

GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDgnome/libsoup< 3.6.1

🔴Vulnerability Details

6
OSV
libsoup2.4 vulnerabilities2025-06-11
OSV
libsoup3 vulnerabilities2024-11-27
OSV
libsoup2.4 vulnerabilities2024-11-27
GHSA
GHSA-f6qg-rg6j-cxgf: GNOME libsoup before 32024-11-11
CVEList
CVE-2024-52532: GNOME libsoup before 32024-11-11

📋Vendor Advisories

6
Ubuntu
libsoup vulnerabilities2025-06-11
Ubuntu
libsoup vulnerabilities2024-11-27
Ubuntu
libsoup3 vulnerabilities2024-11-27
Microsoft
GNOME libsoup before 3.6.1 has an infinite loop and memory consumption. during the reading of certain patterns of WebSocket data from clients.2024-11-12
Red Hat
libsoup: infinite loop while reading websocket data2024-11-11