CVE-2024-52532
published 2024-11-11CVE-2024-52532: GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libsoup2.4 | < libsoup2.4 2.74.3-1+deb12u1 (bookworm) | libsoup2.4 2.74.3-1+deb12u1 (bookworm) |
| debian | libsoup3 | < libsoup2.4 2.74.3-1+deb12u1 (bookworm) | libsoup2.4 2.74.3-1+deb12u1 (bookworm) |
| gnome | libsoup | < 3.6.1 | 3.6.1 |
| msrc | azl3_libsoup_3.4.4-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_libsoup_3.4.4-6_on_azure_linux_3.0 | — | — |
| msrc | cbl2_libsoup_3.0.4-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_libsoup_3.0.4-6_on_cbl_mariner_2.0 | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH