A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).
The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Red Hat Enterprise Linux 10 | RedHat | libsoup3-0:3.6.5-3.el10_0 | * |
Libsoup3 | Ubuntu | noble | * |
Libsoup3 | Ubuntu | oracular | * |
Libsoup3 | Ubuntu | plucky | * |