We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-52531



Description

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).

Reserved 2024-11-11 | Published 2024-11-11 | Updated 2025-04-14 | Assigner mitre


MEDIUM: 6.5CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Problem types

CWE-787 Out-of-bounds Write

Product status

Default status
unaffected

Any version before 3.6.1
affected

References

gitlab.gnome.org/Teams/Releng/security/-/wikis/home

gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407

gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407

offsec.almond.consulting/...-example-with-gnome-libsoup.html

cve.org (CVE-2024-52531)

nvd.nist.gov (CVE-2024-52531)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-52531

Support options

Helpdesk Chat, Email, Knowledgebase