Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-14523 (GCVE-0-2025-14523)
Vulnerability from cvelistv5 – Published: 2025-12-11 12:30 – Updated: 2026-03-19 14:35
VLAI
EPSS
Title
Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)
Summary
A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Assigner
References
21 references
Impacted products
27 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 |
Unaffected:
0:3.6.5-3.el10_1.8 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:10.1 |
|
| Red Hat | Red Hat Enterprise Linux 10.0 Extended Update Support |
Unaffected:
0:3.6.5-3.el10_0.11 , < *
(rpm)
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support |
Unaffected:
0:2.62.2-10.el7_9 , < *
(rpm)
cpe:/o:redhat:rhel_els:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:2.62.3-11.el8_10 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:8.10-6.el8_10.1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support |
Unaffected:
0:2.62.3-1.el8_2.7 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/o:redhat:rhel_aus:8.2::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support |
Unaffected:
0:8.10-6.el8_2.1 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support |
Unaffected:
0:2.62.3-2.el8_4.7 , < *
(rpm)
cpe:/o:redhat:rhel_eus_long_life:8.4::baseos cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/a:redhat:rhel_eus_long_life:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support |
Unaffected:
0:8.10-6.el8_4.1 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On |
Unaffected:
0:2.62.3-2.el8_4.7 , < *
(rpm)
cpe:/o:redhat:rhel_eus_long_life:8.4::baseos cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/a:redhat:rhel_eus_long_life:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On |
Unaffected:
0:8.10-6.el8_4.1 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support |
Unaffected:
0:2.62.3-2.el8_6.7 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_tus:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support |
Unaffected:
0:8.10-6.el8_6.1 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service |
Unaffected:
0:2.62.3-2.el8_6.7 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_tus:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service |
Unaffected:
0:8.10-6.el8_6.1 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions |
Unaffected:
0:2.62.3-2.el8_6.7 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_tus:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions |
Unaffected:
0:8.10-6.el8_6.1 , < *
(rpm)
cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service |
Unaffected:
0:2.62.3-3.el8_8.7 , < *
(rpm)
cpe:/o:redhat:rhel_e4s:8.8::baseos cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/o:redhat:rhel_tus:8.8::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service |
Unaffected:
0:8.10-6.el8_8.1 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions |
Unaffected:
0:2.62.3-3.el8_8.7 , < *
(rpm)
cpe:/o:redhat:rhel_e4s:8.8::baseos cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/o:redhat:rhel_tus:8.8::baseos |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions |
Unaffected:
0:8.10-6.el8_8.1 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:2.72.0-12.el9_7.3 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions |
Unaffected:
0:2.72.0-8.el9_0.8 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions |
Unaffected:
0:2.72.0-8.el9_2.8 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support |
Unaffected:
0:2.72.0-8.el9_4.8 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.6 Extended Update Support |
Unaffected:
0:2.72.0-10.el9_6.5 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
Date Public
2025-12-11 00:00
Credits
Red Hat would like to thank Ky0toFu and Sovereign Tech Resilience program for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14523",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-11T14:49:20.324130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T16:29:53.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1"
],
"defaultStatus": "affected",
"packageName": "libsoup3",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.5-3.el10_1.8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"packageName": "libsoup3",
"product": "Red Hat Enterprise Linux 10.0 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.5-3.el10_0.11",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.2-10.el7_9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-11.el8_10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_10.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-11.el8_10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream",
"cpe:/o:redhat:rhel_aus:8.2::baseos"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-1.el8_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_2.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/o:redhat:rhel_aus:8.4::baseos",
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-2.el8_4.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/o:redhat:rhel_aus:8.4::baseos",
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-2.el8_4.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-2.el8_6.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_6.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-2.el8_6.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_6.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos",
"cpe:/o:redhat:rhel_tus:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-2.el8_6.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_6.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.8::baseos",
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream",
"cpe:/o:redhat:rhel_tus:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-3.el8_8.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_8.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.8::baseos",
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream",
"cpe:/o:redhat:rhel_tus:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.62.3-3.el8_8.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream"
],
"defaultStatus": "affected",
"packageName": "spice-client-win",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.10-6.el8_8.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.72.0-12.el9_7.3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.72.0-8.el9_0.8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.72.0-8.el9_2.8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.72.0-8.el9_4.8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 9.6 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.72.0-10.el9_6.5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Ky0toFu and Sovereign Tech Resilience program for reporting this issue."
}
],
"datePublic": "2025-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw in libsoup\u2019s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-19T14:35:08.581Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2026:0421",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0421"
},
{
"name": "RHSA-2026:0422",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0422"
},
{
"name": "RHSA-2026:0423",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0423"
},
{
"name": "RHSA-2026:0836",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0836"
},
{
"name": "RHSA-2026:0867",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0867"
},
{
"name": "RHSA-2026:0868",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0868"
},
{
"name": "RHSA-2026:0905",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0905"
},
{
"name": "RHSA-2026:0906",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0906"
},
{
"name": "RHSA-2026:0907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0907"
},
{
"name": "RHSA-2026:0908",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0908"
},
{
"name": "RHSA-2026:0909",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0909"
},
{
"name": "RHSA-2026:0911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0911"
},
{
"name": "RHSA-2026:0925",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0925"
},
{
"name": "RHSA-2026:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1509"
},
{
"name": "RHSA-2026:1569",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1569"
},
{
"name": "RHSA-2026:1570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1570"
},
{
"name": "RHSA-2026:1571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1571"
},
{
"name": "RHSA-2026:1572",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1572"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-14523"
},
{
"name": "RHBZ#2421349",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2421349"
},
{
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/472"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-11T06:58:04.938Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-12-11T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-14523",
"datePublished": "2025-12-11T12:30:59.266Z",
"dateReserved": "2025-12-11T07:03:53.445Z",
"dateUpdated": "2026-03-19T14:35:08.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-14523",
"date": "2026-06-07",
"epss": "0.00024",
"percentile": "0.07042"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-14523\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-12-11T13:15:58.983\",\"lastModified\":\"2026-03-19T15:16:17.593\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw in libsoup\u2019s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0421\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0422\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0423\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0836\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0867\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0868\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0905\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0906\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0907\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0908\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0909\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0911\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:0925\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1509\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1569\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1570\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1571\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:1572\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-14523\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2421349\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://gitlab.gnome.org/GNOME/libsoup/-/issues/472\",\"source\":\"secalert@redhat.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-14523\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-11T14:49:20.324130Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-11T14:54:32.589Z\"}}], \"cna\": {\"title\": \"Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Ky0toFu and Sovereign Tech Resilience program for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.6.5-3.el10_1.8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup3\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10.0 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:3.6.5-3.el10_0.11\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup3\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_els:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7 Extended Lifecycle Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.2-10.el7_9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\", \"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-11.el8_10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_10.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\", \"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-11.el8_10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.2::appstream\", \"cpe:/o:redhat:rhel_aus:8.2::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.2 Advanced Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-1.el8_2.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.2 Advanced Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_2.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\", \"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/o:redhat:rhel_aus:8.4::baseos\", \"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-2.el8_4.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\", \"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/o:redhat:rhel_aus:8.4::baseos\", \"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-2.el8_4.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_4.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-2.el8_6.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_6.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-2.el8_6.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_6.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-2.el8_6.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_6.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\", \"cpe:/a:redhat:rhel_e4s:8.8::appstream\", \"cpe:/a:redhat:rhel_tus:8.8::appstream\", \"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-3.el8_8.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:8.8::appstream\", \"cpe:/a:redhat:rhel_tus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_8.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\", \"cpe:/a:redhat:rhel_e4s:8.8::appstream\", \"cpe:/a:redhat:rhel_tus:8.8::appstream\", \"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.62.3-3.el8_8.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:8.8::appstream\", \"cpe:/a:redhat:rhel_tus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:8.10-6.el8_8.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"spice-client-win\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.72.0-12.el9_7.3\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.72.0-8.el9_0.8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.72.0-8.el9_2.8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.4 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.72.0-8.el9_4.8\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.6 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.72.0-10.el9_6.5\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-12-11T06:58:04.938Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-12-11T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-12-11T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2026:0421\", \"name\": \"RHSA-2026:0421\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0422\", \"name\": \"RHSA-2026:0422\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0423\", \"name\": \"RHSA-2026:0423\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0836\", \"name\": \"RHSA-2026:0836\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0867\", \"name\": \"RHSA-2026:0867\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0868\", \"name\": \"RHSA-2026:0868\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0905\", \"name\": \"RHSA-2026:0905\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0906\", \"name\": \"RHSA-2026:0906\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0907\", \"name\": \"RHSA-2026:0907\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0908\", \"name\": \"RHSA-2026:0908\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0909\", \"name\": \"RHSA-2026:0909\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0911\", \"name\": \"RHSA-2026:0911\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:0925\", \"name\": \"RHSA-2026:0925\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1509\", \"name\": \"RHSA-2026:1509\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1569\", \"name\": \"RHSA-2026:1569\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1570\", \"name\": \"RHSA-2026:1570\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1571\", \"name\": \"RHSA-2026:1571\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:1572\", \"name\": \"RHSA-2026:1572\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2025-14523\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2421349\", \"name\": \"RHBZ#2421349\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://gitlab.gnome.org/GNOME/libsoup/-/issues/472\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw in libsoup\\u2019s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-444\", \"description\": \"Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-03-19T14:35:08.581Z\"}, \"x_redhatCweChain\": \"CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-14523\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-19T14:35:08.581Z\", \"dateReserved\": \"2025-12-11T07:03:53.445Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-12-11T12:30:59.266Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:0253-1
Vulnerability from csaf_suse - Published: 2026-01-22 16:08 - Updated: 2026-01-22 16:08Summary
Security update for libsoup2
Severity
Important
Notes
Title of the patch: Security update for libsoup2
Description of the patch: This update for libsoup2 fixes the following issues:
- CVE-2025-14523: Reject duplicated Host in headers and followed upstream update (bsc#1254876).
- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399)
Patchnames: SUSE-2026-253,SUSE-SLE-Module-Basesystem-15-SP7-2026-253,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-253,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-253,openSUSE-SLE-15.6-2026-253
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libsoup2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libsoup2 fixes the following issues:\n\n- CVE-2025-14523: Reject duplicated Host in headers and followed upstream update (bsc#1254876).\n- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-253,SUSE-SLE-Module-Basesystem-15-SP7-2026-253,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-253,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-253,openSUSE-SLE-15.6-2026-253",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0253-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0253-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260253-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0253-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023895.html"
},
{
"category": "self",
"summary": "SUSE Bug 1254876",
"url": "https://bugzilla.suse.com/1254876"
},
{
"category": "self",
"summary": "SUSE Bug 1256399",
"url": "https://bugzilla.suse.com/1256399"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-14523 page",
"url": "https://www.suse.com/security/cve/CVE-2025-14523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0719 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0719/"
}
],
"title": "Security update for libsoup2",
"tracking": {
"current_release_date": "2026-01-22T16:08:05Z",
"generator": {
"date": "2026-01-22T16:08:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0253-1",
"initial_release_date": "2026-01-22T16:08:05Z",
"revision_history": [
{
"date": "2026-01-22T16:08:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"product": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"product_id": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"product": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"product_id": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"product_id": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-64bit-2.74.3-150600.4.19.1.aarch64_ilp32",
"product": {
"name": "libsoup-2_4-1-64bit-2.74.3-150600.4.19.1.aarch64_ilp32",
"product_id": "libsoup-2_4-1-64bit-2.74.3-150600.4.19.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-64bit-2.74.3-150600.4.19.1.aarch64_ilp32",
"product": {
"name": "libsoup2-devel-64bit-2.74.3-150600.4.19.1.aarch64_ilp32",
"product_id": "libsoup2-devel-64bit-2.74.3-150600.4.19.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.i586",
"product": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.i586",
"product_id": "libsoup-2_4-1-2.74.3-150600.4.19.1.i586"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.3-150600.4.19.1.i586",
"product": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.i586",
"product_id": "libsoup2-devel-2.74.3-150600.4.19.1.i586"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.i586",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.i586",
"product_id": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"product": {
"name": "libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"product_id": "libsoup2-lang-2.74.3-150600.4.19.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"product": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"product_id": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"product": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"product_id": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"product_id": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"product": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"product_id": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"product": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"product_id": "libsoup2-devel-2.74.3-150600.4.19.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"product_id": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"product": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"product_id": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"product": {
"name": "libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"product_id": "libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"product": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"product_id": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"product": {
"name": "libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"product_id": "libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"product_id": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.3-150600.4.19.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.3-150600.4.19.1.noarch as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.3-150600.4.19.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.3-150600.4.19.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-14523"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in libsoup\u0027s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-14523",
"url": "https://www.suse.com/security/cve/CVE-2025-14523"
},
{
"category": "external",
"summary": "SUSE Bug 1254876 for CVE-2025-14523",
"url": "https://bugzilla.suse.com/1254876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T16:08:05Z",
"details": "important"
}
],
"title": "CVE-2025-14523"
},
{
"cve": "CVE-2026-0719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0719"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0719",
"url": "https://www.suse.com/security/cve/CVE-2026-0719"
},
{
"category": "external",
"summary": "SUSE Bug 1256399 for CVE-2026-0719",
"url": "https://bugzilla.suse.com/1256399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup-2_4-1-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup-2_4-1-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:libsoup2-devel-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-devel-32bit-2.74.3-150600.4.19.1.x86_64",
"openSUSE Leap 15.6:libsoup2-lang-2.74.3-150600.4.19.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-2_4-2.74.3-150600.4.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T16:08:05Z",
"details": "important"
}
],
"title": "CVE-2026-0719"
}
]
}
SUSE-SU-2026:0257-1
Vulnerability from csaf_suse - Published: 2026-01-22 16:09 - Updated: 2026-01-22 16:09Summary
Security update for libsoup
Severity
Important
Notes
Title of the patch: Security update for libsoup
Description of the patch: This update for libsoup fixes the following issues:
- CVE-2026-0716: Fixed out-of-bounds read for websocket (bsc#1256418)
- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399)
- CVE-2025-14523: Reject duplicated Host in headers and followed upstream update (bsc#1254876).
Patchnames: SUSE-2026-257,SUSE-SLE-Module-Basesystem-15-SP7-2026-257,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-257,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-257,openSUSE-SLE-15.6-2026-257
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libsoup",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libsoup fixes the following issues:\n\n- CVE-2026-0716: Fixed out-of-bounds read for websocket (bsc#1256418)\n- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399)\n- CVE-2025-14523: Reject duplicated Host in headers and followed upstream update (bsc#1254876).\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-257,SUSE-SLE-Module-Basesystem-15-SP7-2026-257,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-257,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-257,openSUSE-SLE-15.6-2026-257",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0257-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0257-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260257-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0257-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023891.html"
},
{
"category": "self",
"summary": "SUSE Bug 1254876",
"url": "https://bugzilla.suse.com/1254876"
},
{
"category": "self",
"summary": "SUSE Bug 1256399",
"url": "https://bugzilla.suse.com/1256399"
},
{
"category": "self",
"summary": "SUSE Bug 1256418",
"url": "https://bugzilla.suse.com/1256418"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-14523 page",
"url": "https://www.suse.com/security/cve/CVE-2025-14523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0716 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0719 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0719/"
}
],
"title": "Security update for libsoup",
"tracking": {
"current_release_date": "2026-01-22T16:09:13Z",
"generator": {
"date": "2026-01-22T16:09:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0257-1",
"initial_release_date": "2026-01-22T16:09:13Z",
"revision_history": [
{
"date": "2026-01-22T16:09:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"product": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"product_id": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"product": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"product_id": "libsoup-devel-3.4.4-150600.3.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"product": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"product_id": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-64bit-3.4.4-150600.3.28.1.aarch64_ilp32",
"product": {
"name": "libsoup-3_0-0-64bit-3.4.4-150600.3.28.1.aarch64_ilp32",
"product_id": "libsoup-3_0-0-64bit-3.4.4-150600.3.28.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libsoup-devel-64bit-3.4.4-150600.3.28.1.aarch64_ilp32",
"product": {
"name": "libsoup-devel-64bit-3.4.4-150600.3.28.1.aarch64_ilp32",
"product_id": "libsoup-devel-64bit-3.4.4-150600.3.28.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.i586",
"product": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.i586",
"product_id": "libsoup-3_0-0-3.4.4-150600.3.28.1.i586"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.4.4-150600.3.28.1.i586",
"product": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.i586",
"product_id": "libsoup-devel-3.4.4-150600.3.28.1.i586"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.i586",
"product": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.i586",
"product_id": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-lang-3.4.4-150600.3.28.1.noarch",
"product": {
"name": "libsoup-lang-3.4.4-150600.3.28.1.noarch",
"product_id": "libsoup-lang-3.4.4-150600.3.28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"product": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"product_id": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"product": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"product_id": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"product": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"product_id": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"product": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"product_id": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.4.4-150600.3.28.1.s390x",
"product": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.s390x",
"product_id": "libsoup-devel-3.4.4-150600.3.28.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"product": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"product_id": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"product": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"product_id": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"product": {
"name": "libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"product_id": "libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"product": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"product_id": "libsoup-devel-3.4.4-150600.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"product": {
"name": "libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"product_id": "libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"product": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"product_id": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-lang-3.4.4-150600.3.28.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch"
},
"product_reference": "libsoup-lang-3.4.4-150600.3.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-lang-3.4.4-150600.3.28.1.noarch as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch"
},
"product_reference": "libsoup-lang-3.4.4-150600.3.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-lang-3.4.4-150600.3.28.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch"
},
"product_reference": "libsoup-lang-3.4.4-150600.3.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.4.4-150600.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-lang-3.4.4-150600.3.28.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch"
},
"product_reference": "libsoup-lang-3.4.4-150600.3.28.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-14523"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in libsoup\u0027s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-14523",
"url": "https://www.suse.com/security/cve/CVE-2025-14523"
},
{
"category": "external",
"summary": "SUSE Bug 1254876 for CVE-2025-14523",
"url": "https://bugzilla.suse.com/1254876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T16:09:13Z",
"details": "important"
}
],
"title": "CVE-2025-14523"
},
{
"cve": "CVE-2026-0716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0716"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libsoup\u0027s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash. Applications using libsoup\u0027s WebSocket support with this configuration may be impacted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0716",
"url": "https://www.suse.com/security/cve/CVE-2026-0716"
},
{
"category": "external",
"summary": "SUSE Bug 1256418 for CVE-2026-0716",
"url": "https://bugzilla.suse.com/1256418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T16:09:13Z",
"details": "moderate"
}
],
"title": "CVE-2026-0716"
},
{
"cve": "CVE-2026-0719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0719"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0719",
"url": "https://www.suse.com/security/cve/CVE-2026-0719"
},
{
"category": "external",
"summary": "SUSE Bug 1256399 for CVE-2026-0719",
"url": "https://bugzilla.suse.com/1256399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-3_0-0-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-3_0-0-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:libsoup-devel-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-devel-32bit-3.4.4-150600.3.28.1.x86_64",
"openSUSE Leap 15.6:libsoup-lang-3.4.4-150600.3.28.1.noarch",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-Soup-3_0-3.4.4-150600.3.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T16:09:13Z",
"details": "important"
}
],
"title": "CVE-2026-0719"
}
]
}
SUSE-SU-2026:0258-1
Vulnerability from csaf_suse - Published: 2026-01-22 16:10 - Updated: 2026-01-22 16:10Summary
Security update for libsoup2
Severity
Important
Notes
Title of the patch: Security update for libsoup2
Description of the patch: This update for libsoup2 fixes the following issues:
- CVE-2025-14523: Reject duplicated Host in headers and followed upstream update (bsc#1254876).
- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399)
Patchnames: SUSE-2026-258,SUSE-SLE-Micro-5.3-2026-258,SUSE-SLE-Micro-5.4-2026-258,SUSE-SLE-Micro-5.5-2026-258,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-258,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-258,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-258,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-258,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-258,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-258,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-258,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-258
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libsoup2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libsoup2 fixes the following issues:\n\n- CVE-2025-14523: Reject duplicated Host in headers and followed upstream update (bsc#1254876).\n- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399)\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-258,SUSE-SLE-Micro-5.3-2026-258,SUSE-SLE-Micro-5.4-2026-258,SUSE-SLE-Micro-5.5-2026-258,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-258,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-258,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-258,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-258,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-258,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-258,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-258,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-258",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0258-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0258-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260258-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0258-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023890.html"
},
{
"category": "self",
"summary": "SUSE Bug 1254876",
"url": "https://bugzilla.suse.com/1254876"
},
{
"category": "self",
"summary": "SUSE Bug 1256399",
"url": "https://bugzilla.suse.com/1256399"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-14523 page",
"url": "https://www.suse.com/security/cve/CVE-2025-14523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0719 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0719/"
}
],
"title": "Security update for libsoup2",
"tracking": {
"current_release_date": "2026-01-22T16:10:25Z",
"generator": {
"date": "2026-01-22T16:10:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0258-1",
"initial_release_date": "2026-01-22T16:10:25Z",
"revision_history": [
{
"date": "2026-01-22T16:10:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"product": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"product_id": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"product": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"product_id": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"product_id": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-64bit-2.74.2-150400.3.19.1.aarch64_ilp32",
"product": {
"name": "libsoup-2_4-1-64bit-2.74.2-150400.3.19.1.aarch64_ilp32",
"product_id": "libsoup-2_4-1-64bit-2.74.2-150400.3.19.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-64bit-2.74.2-150400.3.19.1.aarch64_ilp32",
"product": {
"name": "libsoup2-devel-64bit-2.74.2-150400.3.19.1.aarch64_ilp32",
"product_id": "libsoup2-devel-64bit-2.74.2-150400.3.19.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.i586",
"product": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.i586",
"product_id": "libsoup-2_4-1-2.74.2-150400.3.19.1.i586"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.2-150400.3.19.1.i586",
"product": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.i586",
"product_id": "libsoup2-devel-2.74.2-150400.3.19.1.i586"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.i586",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.i586",
"product_id": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"product": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"product_id": "libsoup2-lang-2.74.2-150400.3.19.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"product": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"product_id": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"product": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"product_id": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"product_id": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"product": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"product_id": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"product": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"product_id": "libsoup2-devel-2.74.2-150400.3.19.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"product_id": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"product": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"product_id": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup-2_4-1-32bit-2.74.2-150400.3.19.1.x86_64",
"product": {
"name": "libsoup-2_4-1-32bit-2.74.2-150400.3.19.1.x86_64",
"product_id": "libsoup-2_4-1-32bit-2.74.2-150400.3.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"product": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"product_id": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup2-devel-32bit-2.74.2-150400.3.19.1.x86_64",
"product": {
"name": "libsoup2-devel-32bit-2.74.2-150400.3.19.1.x86_64",
"product_id": "libsoup2-devel-32bit-2.74.2-150400.3.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"product": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"product_id": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup2-lang-2.74.2-150400.3.19.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch"
},
"product_reference": "libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-14523"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in libsoup\u0027s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-14523",
"url": "https://www.suse.com/security/cve/CVE-2025-14523"
},
{
"category": "external",
"summary": "SUSE Bug 1254876 for CVE-2025-14523",
"url": "https://bugzilla.suse.com/1254876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T16:10:25Z",
"details": "important"
}
],
"title": "CVE-2025-14523"
},
{
"cve": "CVE-2026-0719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0719"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0719",
"url": "https://www.suse.com/security/cve/CVE-2026-0719"
},
{
"category": "external",
"summary": "SUSE Bug 1256399 for CVE-2026-0719",
"url": "https://bugzilla.suse.com/1256399"
},
{
"category": "external",
"summary": "SUSE Bug 1263697 for CVE-2026-0719",
"url": "https://bugzilla.suse.com/1263697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup-2_4-1-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-devel-2.74.2-150400.3.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libsoup2-lang-2.74.2-150400.3.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:typelib-1_0-Soup-2_4-2.74.2-150400.3.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T16:10:25Z",
"details": "important"
}
],
"title": "CVE-2026-0719"
}
]
}
SUSE-SU-2026:20053-1
Vulnerability from csaf_suse - Published: 2026-01-12 12:03 - Updated: 2026-01-12 12:03Summary
Security update for libsoup
Severity
Important
Notes
Title of the patch: Security update for libsoup
Description of the patch: This update for libsoup fixes the following issues:
- CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies
and allow for request smuggling, cache poisoning and bypass of access controls (bsc#1254876).
Patchnames: SUSE-SLE-Micro-6.0-557
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.2 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libsoup",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libsoup fixes the following issues:\n\n- CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies\n and allow for request smuggling, cache poisoning and bypass of access controls (bsc#1254876).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-557",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20053-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20053-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620053-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20053-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023756.html"
},
{
"category": "self",
"summary": "SUSE Bug 1254876",
"url": "https://bugzilla.suse.com/1254876"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-14523 page",
"url": "https://www.suse.com/security/cve/CVE-2025-14523/"
}
],
"title": "Security update for libsoup",
"tracking": {
"current_release_date": "2026-01-12T12:03:42Z",
"generator": {
"date": "2026-01-12T12:03:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20053-1",
"initial_release_date": "2026-01-12T12:03:42Z",
"revision_history": [
{
"date": "2026-01-12T12:03:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.2-10.1.aarch64",
"product": {
"name": "libsoup-3_0-0-3.4.2-10.1.aarch64",
"product_id": "libsoup-3_0-0-3.4.2-10.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.2-10.1.s390x",
"product": {
"name": "libsoup-3_0-0-3.4.2-10.1.s390x",
"product_id": "libsoup-3_0-0-3.4.2-10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.2-10.1.x86_64",
"product": {
"name": "libsoup-3_0-0-3.4.2-10.1.x86_64",
"product_id": "libsoup-3_0-0-3.4.2-10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.2-10.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.aarch64"
},
"product_reference": "libsoup-3_0-0-3.4.2-10.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.2-10.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.s390x"
},
"product_reference": "libsoup-3_0-0-3.4.2-10.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.2-10.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.4.2-10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-14523"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in libsoup\u0027s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.aarch64",
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.s390x",
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-14523",
"url": "https://www.suse.com/security/cve/CVE-2025-14523"
},
{
"category": "external",
"summary": "SUSE Bug 1254876 for CVE-2025-14523",
"url": "https://bugzilla.suse.com/1254876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.aarch64",
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.s390x",
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.aarch64",
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.s390x",
"SUSE Linux Micro 6.0:libsoup-3_0-0-3.4.2-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-12T12:03:42Z",
"details": "important"
}
],
"title": "CVE-2025-14523"
}
]
}
SUSE-SU-2026:20360-1
Vulnerability from csaf_suse - Published: 2026-01-19 11:45 - Updated: 2026-01-19 11:45Summary
Security update for libsoup
Severity
Important
Notes
Title of the patch: Security update for libsoup
Description of the patch: This update for libsoup fixes the following issues:
- CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies
and allow for request smuggling, cache poisoning and bypass of access controls (bsc#1254876).
- CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion can lead to undefined
behavior or crash (bsc#1252555).
- CVE-2026-0716: Fixed out-of-bounds read for websocket (bsc#1256418).
- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399).
Patchnames: SUSE-SLE-Micro-6.1-379
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.2 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libsoup",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libsoup fixes the following issues:\n\n- CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies\n and allow for request smuggling, cache poisoning and bypass of access controls (bsc#1254876).\n- CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion can lead to undefined\n behavior or crash (bsc#1252555).\n- CVE-2026-0716: Fixed out-of-bounds read for websocket (bsc#1256418).\n- CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-379",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20360-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20360-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620360-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20360-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024323.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252555",
"url": "https://bugzilla.suse.com/1252555"
},
{
"category": "self",
"summary": "SUSE Bug 1254876",
"url": "https://bugzilla.suse.com/1254876"
},
{
"category": "self",
"summary": "SUSE Bug 1256399",
"url": "https://bugzilla.suse.com/1256399"
},
{
"category": "self",
"summary": "SUSE Bug 1256418",
"url": "https://bugzilla.suse.com/1256418"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12105 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-14523 page",
"url": "https://www.suse.com/security/cve/CVE-2025-14523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0716 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0719 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0719/"
}
],
"title": "Security update for libsoup",
"tracking": {
"current_release_date": "2026-01-19T11:45:24Z",
"generator": {
"date": "2026-01-19T11:45:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20360-1",
"initial_release_date": "2026-01-19T11:45:24Z",
"revision_history": [
{
"date": "2026-01-19T11:45:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"product": {
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"product": {
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"product": {
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64",
"product": {
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64",
"product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64"
},
"product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le"
},
"product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x"
},
"product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12105"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missing state synchronization. This leads to a use-after-free memory access, potentially crashing the affected application. Attackers could exploit this behavior remotely by triggering specific HTTP/2 read and cancel sequences, resulting in a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12105",
"url": "https://www.suse.com/security/cve/CVE-2025-12105"
},
{
"category": "external",
"summary": "SUSE Bug 1252555 for CVE-2025-12105",
"url": "https://bugzilla.suse.com/1252555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T11:45:24Z",
"details": "important"
}
],
"title": "CVE-2025-12105"
},
{
"cve": "CVE-2025-14523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-14523"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in libsoup\u0027s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-14523",
"url": "https://www.suse.com/security/cve/CVE-2025-14523"
},
{
"category": "external",
"summary": "SUSE Bug 1254876 for CVE-2025-14523",
"url": "https://bugzilla.suse.com/1254876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T11:45:24Z",
"details": "important"
}
],
"title": "CVE-2025-14523"
},
{
"cve": "CVE-2026-0716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0716"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libsoup\u0027s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash. Applications using libsoup\u0027s WebSocket support with this configuration may be impacted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0716",
"url": "https://www.suse.com/security/cve/CVE-2026-0716"
},
{
"category": "external",
"summary": "SUSE Bug 1256418 for CVE-2026-0716",
"url": "https://bugzilla.suse.com/1256418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T11:45:24Z",
"details": "moderate"
}
],
"title": "CVE-2026-0716"
},
{
"cve": "CVE-2026-0719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0719"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0719",
"url": "https://www.suse.com/security/cve/CVE-2026-0719"
},
{
"category": "external",
"summary": "SUSE Bug 1256399 for CVE-2026-0719",
"url": "https://bugzilla.suse.com/1256399"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-19T11:45:24Z",
"details": "important"
}
],
"title": "CVE-2026-0719"
}
]
}
SUSE-SU-2026:20752-1
Vulnerability from csaf_suse - Published: 2026-03-18 10:01 - Updated: 2026-03-18 10:01Summary
Security update for libsoup
Severity
Important
Notes
Title of the patch: Security update for libsoup
Description of the patch: This update for libsoup fixes the following issues:
Update to libsoup 3.6.6:
- CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion (bsc#1252555).
- CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (bsc#1254876).
- CVE-2025-32049: Denial of Service attack to websocket server (bsc#1240751).
- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).
- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects
(bsc#1257441).
- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request
smuggling and potential DoS (bsc#1257597).
- CVE-2026-2369: Buffer overread due to integer underflow when handling zero-length resources (bsc#1258120).
- CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information
disclosure to remote attackers (bsc#1258170).
- CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).
Changelog:
- websocket: Fix out-of-bounds read in process_frame
- Check nulls returned by soup_date_time_new_from_http_string()
- Numerous fixes to handling of Range headers
- server: close the connection after responsing a request
containing Content-Length and Transfer-Encoding
- Use CRLF as line boundary when parsing chunked enconding data
- websocket: do not accept messages frames after closing due to
an error
- Sanitize filename of content disposition header values
- Always validate the headers value when coming from untrusted
source
- uri-utils: do host validation when checking if a GUri is valid
- multipart: check length of bytes read
soup_filter_input_stream_read_until()
- message-headers: Reject duplicate Host headers
- server: null-check soup_date_time_to_string()
- auth-digest: fix crash in
soup_auth_digest_get_protection_space()
- session: fix 'heap-use-after-free' caused by 'finishing' queue
item twice
- cookies: Avoid expires attribute if date is invalid
- http1: Set EOF flag once content-length bytes have been read
- date-utils: Add value checks for date/time parsing
- multipart: Fix multiple boundry limits
- Fixed multiple possible memory leaks
- message-headers: Correct merge of ranges
- body-input-stream: Correct chunked trailers end detection
- server-http2: Correctly validate URIs
- multipart: Fix read out of buffer bounds under
soup_multipart_new_from_message()
- headers: Ensure Request-Line comprises entire first line
- tests: Fix MSVC build error
- Fix possible deadlock on init from gmodule usage
- Updated translations.
Patchnames: SUSE-SL-Micro-6.2-402
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.2 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.6 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libsoup",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libsoup fixes the following issues:\n\nUpdate to libsoup 3.6.6:\n\n- CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion (bsc#1252555).\n- CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (bsc#1254876).\n- CVE-2025-32049: Denial of Service attack to websocket server (bsc#1240751).\n- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).\n- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects\n (bsc#1257441).\n- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request\n smuggling and potential DoS (bsc#1257597).\n- CVE-2026-2369: Buffer overread due to integer underflow when handling zero-length resources (bsc#1258120).\n- CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information\n disclosure to remote attackers (bsc#1258170).\n- CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).\n\nChangelog:\n\n- websocket: Fix out-of-bounds read in process_frame\n- Check nulls returned by soup_date_time_new_from_http_string()\n- Numerous fixes to handling of Range headers\n- server: close the connection after responsing a request\ncontaining Content-Length and Transfer-Encoding\n- Use CRLF as line boundary when parsing chunked enconding data\n- websocket: do not accept messages frames after closing due to\nan error\n- Sanitize filename of content disposition header values\n- Always validate the headers value when coming from untrusted\nsource\n- uri-utils: do host validation when checking if a GUri is valid\n- multipart: check length of bytes read\nsoup_filter_input_stream_read_until()\n- message-headers: Reject duplicate Host headers\n- server: null-check soup_date_time_to_string()\n- auth-digest: fix crash in\nsoup_auth_digest_get_protection_space()\n- session: fix \u0027heap-use-after-free\u0027 caused by \u0027finishing\u0027 queue\nitem twice\n- cookies: Avoid expires attribute if date is invalid\n- http1: Set EOF flag once content-length bytes have been read\n- date-utils: Add value checks for date/time parsing\n- multipart: Fix multiple boundry limits\n- Fixed multiple possible memory leaks\n- message-headers: Correct merge of ranges\n- body-input-stream: Correct chunked trailers end detection\n- server-http2: Correctly validate URIs\n- multipart: Fix read out of buffer bounds under\nsoup_multipart_new_from_message()\n- headers: Ensure Request-Line comprises entire first line\n- tests: Fix MSVC build error\n- Fix possible deadlock on init from gmodule usage\n- Updated translations.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-402",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20752-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20752-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620752-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20752-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024832.html"
},
{
"category": "self",
"summary": "SUSE Bug 1240751",
"url": "https://bugzilla.suse.com/1240751"
},
{
"category": "self",
"summary": "SUSE Bug 1252555",
"url": "https://bugzilla.suse.com/1252555"
},
{
"category": "self",
"summary": "SUSE Bug 1254876",
"url": "https://bugzilla.suse.com/1254876"
},
{
"category": "self",
"summary": "SUSE Bug 1257398",
"url": "https://bugzilla.suse.com/1257398"
},
{
"category": "self",
"summary": "SUSE Bug 1257441",
"url": "https://bugzilla.suse.com/1257441"
},
{
"category": "self",
"summary": "SUSE Bug 1257597",
"url": "https://bugzilla.suse.com/1257597"
},
{
"category": "self",
"summary": "SUSE Bug 1258120",
"url": "https://bugzilla.suse.com/1258120"
},
{
"category": "self",
"summary": "SUSE Bug 1258170",
"url": "https://bugzilla.suse.com/1258170"
},
{
"category": "self",
"summary": "SUSE Bug 1258508",
"url": "https://bugzilla.suse.com/1258508"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12105 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-14523 page",
"url": "https://www.suse.com/security/cve/CVE-2025-14523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32049 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1467 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1539 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1760 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2369 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2443 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2708 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2708/"
}
],
"title": "Security update for libsoup",
"tracking": {
"current_release_date": "2026-03-18T10:01:36Z",
"generator": {
"date": "2026-03-18T10:01:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20752-1",
"initial_release_date": "2026-03-18T10:01:36Z",
"revision_history": [
{
"date": "2026-03-18T10:01:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"product": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"product_id": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"product": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"product_id": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"product": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"product_id": "libsoup-3_0-0-3.6.6-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"product": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"product_id": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12105"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missing state synchronization. This leads to a use-after-free memory access, potentially crashing the affected application. Attackers could exploit this behavior remotely by triggering specific HTTP/2 read and cancel sequences, resulting in a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12105",
"url": "https://www.suse.com/security/cve/CVE-2025-12105"
},
{
"category": "external",
"summary": "SUSE Bug 1252555 for CVE-2025-12105",
"url": "https://bugzilla.suse.com/1252555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2025-12105"
},
{
"cve": "CVE-2025-14523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-14523"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in libsoup\u0027s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-14523",
"url": "https://www.suse.com/security/cve/CVE-2025-14523"
},
{
"category": "external",
"summary": "SUSE Bug 1254876 for CVE-2025-14523",
"url": "https://bugzilla.suse.com/1254876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2025-14523"
},
{
"cve": "CVE-2025-32049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32049"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32049",
"url": "https://www.suse.com/security/cve/CVE-2025-32049"
},
{
"category": "external",
"summary": "SUSE Bug 1240751 for CVE-2025-32049",
"url": "https://bugzilla.suse.com/1240751"
},
{
"category": "external",
"summary": "SUSE Bug 1250562 for CVE-2025-32049",
"url": "https://bugzilla.suse.com/1250562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2025-32049"
},
{
"cve": "CVE-2026-1467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1467"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1467",
"url": "https://www.suse.com/security/cve/CVE-2026-1467"
},
{
"category": "external",
"summary": "SUSE Bug 1257398 for CVE-2026-1467",
"url": "https://bugzilla.suse.com/1257398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-1467"
},
{
"cve": "CVE-2026-1539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1539"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different host. As a result, sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP communication may unintentionally expose proxy authentication data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1539",
"url": "https://www.suse.com/security/cve/CVE-2026-1539"
},
{
"category": "external",
"summary": "SUSE Bug 1257441 for CVE-2026-1539",
"url": "https://bugzilla.suse.com/1257441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-1539"
},
{
"cve": "CVE-2026-1760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1760"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in SoupServer. This HTTP request smuggling vulnerability occurs because SoupServer improperly handles requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. A remote, unauthenticated client can exploit this by sending specially crafted requests, causing SoupServer to fail to close the connection as required by RFC 9112. This allows the attacker to smuggle additional requests over the persistent connection, leading to unintended request processing and potential denial-of-service (DoS) conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1760",
"url": "https://www.suse.com/security/cve/CVE-2026-1760"
},
{
"category": "external",
"summary": "SUSE Bug 1257597 for CVE-2026-1760",
"url": "https://bugzilla.suse.com/1257597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2026-1760"
},
{
"cve": "CVE-2026-2369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2369"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2369",
"url": "https://www.suse.com/security/cve/CVE-2026-2369"
},
{
"category": "external",
"summary": "SUSE Bug 1258120 for CVE-2026-2369",
"url": "https://bugzilla.suse.com/1258120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-2369"
},
{
"cve": "CVE-2026-2443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2443"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2443",
"url": "https://www.suse.com/security/cve/CVE-2026-2443"
},
{
"category": "external",
"summary": "SUSE Bug 1258170 for CVE-2026-2443",
"url": "https://bugzilla.suse.com/1258170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-2443"
},
{
"cve": "CVE-2026-2708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2708"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2708",
"url": "https://www.suse.com/security/cve/CVE-2026-2708"
},
{
"category": "external",
"summary": "SUSE Bug 1258508 for CVE-2026-2708",
"url": "https://bugzilla.suse.com/1258508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2026-2708"
}
]
}
SUSE-SU-2026:20902-1
Vulnerability from csaf_suse - Published: 2026-03-18 10:01 - Updated: 2026-03-18 10:01Summary
Security update for libsoup
Severity
Important
Notes
Title of the patch: Security update for libsoup
Description of the patch: This update for libsoup fixes the following issues:
Update to libsoup 3.6.6:
- CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion (bsc#1252555).
- CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (bsc#1254876).
- CVE-2025-32049: Denial of Service attack to websocket server (bsc#1240751).
- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).
- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects
(bsc#1257441).
- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request
smuggling and potential DoS (bsc#1257597).
- CVE-2026-2369: Buffer overread due to integer underflow when handling zero-length resources (bsc#1258120).
- CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information
disclosure to remote attackers (bsc#1258170).
- CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).
Changelog:
- websocket: Fix out-of-bounds read in process_frame
- Check nulls returned by soup_date_time_new_from_http_string()
- Numerous fixes to handling of Range headers
- server: close the connection after responsing a request
containing Content-Length and Transfer-Encoding
- Use CRLF as line boundary when parsing chunked enconding data
- websocket: do not accept messages frames after closing due to
an error
- Sanitize filename of content disposition header values
- Always validate the headers value when coming from untrusted
source
- uri-utils: do host validation when checking if a GUri is valid
- multipart: check length of bytes read
soup_filter_input_stream_read_until()
- message-headers: Reject duplicate Host headers
- server: null-check soup_date_time_to_string()
- auth-digest: fix crash in
soup_auth_digest_get_protection_space()
- session: fix 'heap-use-after-free' caused by 'finishing' queue
item twice
- cookies: Avoid expires attribute if date is invalid
- http1: Set EOF flag once content-length bytes have been read
- date-utils: Add value checks for date/time parsing
- multipart: Fix multiple boundry limits
- Fixed multiple possible memory leaks
- message-headers: Correct merge of ranges
- body-input-stream: Correct chunked trailers end detection
- server-http2: Correctly validate URIs
- multipart: Fix read out of buffer bounds under
soup_multipart_new_from_message()
- headers: Ensure Request-Line comprises entire first line
- tests: Fix MSVC build error
- Fix possible deadlock on init from gmodule usage
- Updated translations.
Patchnames: SUSE-SLES-16.0-402
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.2 (High)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.8 (Medium)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.6 (High)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.2 (High)
Affected products
Recommended
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libsoup",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libsoup fixes the following issues:\n\nUpdate to libsoup 3.6.6:\n\n- CVE-2025-12105: heap use-after-free in message queue handling during HTTP/2 read completion (bsc#1252555).\n- CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (bsc#1254876).\n- CVE-2025-32049: Denial of Service attack to websocket server (bsc#1240751).\n- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).\n- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects\n (bsc#1257441).\n- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request\n smuggling and potential DoS (bsc#1257597).\n- CVE-2026-2369: Buffer overread due to integer underflow when handling zero-length resources (bsc#1258120).\n- CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information\n disclosure to remote attackers (bsc#1258170).\n- CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).\n\nChangelog:\n\n- websocket: Fix out-of-bounds read in process_frame\n- Check nulls returned by soup_date_time_new_from_http_string()\n- Numerous fixes to handling of Range headers\n- server: close the connection after responsing a request\ncontaining Content-Length and Transfer-Encoding\n- Use CRLF as line boundary when parsing chunked enconding data\n- websocket: do not accept messages frames after closing due to\nan error\n- Sanitize filename of content disposition header values\n- Always validate the headers value when coming from untrusted\nsource\n- uri-utils: do host validation when checking if a GUri is valid\n- multipart: check length of bytes read\nsoup_filter_input_stream_read_until()\n- message-headers: Reject duplicate Host headers\n- server: null-check soup_date_time_to_string()\n- auth-digest: fix crash in\nsoup_auth_digest_get_protection_space()\n- session: fix \u0027heap-use-after-free\u0027 caused by \u0027finishing\u0027 queue\nitem twice\n- cookies: Avoid expires attribute if date is invalid\n- http1: Set EOF flag once content-length bytes have been read\n- date-utils: Add value checks for date/time parsing\n- multipart: Fix multiple boundry limits\n- Fixed multiple possible memory leaks\n- message-headers: Correct merge of ranges\n- body-input-stream: Correct chunked trailers end detection\n- server-http2: Correctly validate URIs\n- multipart: Fix read out of buffer bounds under\nsoup_multipart_new_from_message()\n- headers: Ensure Request-Line comprises entire first line\n- tests: Fix MSVC build error\n- Fix possible deadlock on init from gmodule usage\n- Updated translations.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-402",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20902-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20902-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620902-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20902-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025111.html"
},
{
"category": "self",
"summary": "SUSE Bug 1240751",
"url": "https://bugzilla.suse.com/1240751"
},
{
"category": "self",
"summary": "SUSE Bug 1252555",
"url": "https://bugzilla.suse.com/1252555"
},
{
"category": "self",
"summary": "SUSE Bug 1254876",
"url": "https://bugzilla.suse.com/1254876"
},
{
"category": "self",
"summary": "SUSE Bug 1257398",
"url": "https://bugzilla.suse.com/1257398"
},
{
"category": "self",
"summary": "SUSE Bug 1257441",
"url": "https://bugzilla.suse.com/1257441"
},
{
"category": "self",
"summary": "SUSE Bug 1257597",
"url": "https://bugzilla.suse.com/1257597"
},
{
"category": "self",
"summary": "SUSE Bug 1258120",
"url": "https://bugzilla.suse.com/1258120"
},
{
"category": "self",
"summary": "SUSE Bug 1258170",
"url": "https://bugzilla.suse.com/1258170"
},
{
"category": "self",
"summary": "SUSE Bug 1258508",
"url": "https://bugzilla.suse.com/1258508"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12105 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-14523 page",
"url": "https://www.suse.com/security/cve/CVE-2025-14523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-32049 page",
"url": "https://www.suse.com/security/cve/CVE-2025-32049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1467 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1539 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1760 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2369 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2443 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2708 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2708/"
}
],
"title": "Security update for libsoup",
"tracking": {
"current_release_date": "2026-03-18T10:01:36Z",
"generator": {
"date": "2026-03-18T10:01:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20902-1",
"initial_release_date": "2026-03-18T10:01:36Z",
"revision_history": [
{
"date": "2026-03-18T10:01:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"product": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"product_id": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.6.6-160000.1.1.aarch64",
"product": {
"name": "libsoup-devel-3.6.6-160000.1.1.aarch64",
"product_id": "libsoup-devel-3.6.6-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"product": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"product_id": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-lang-3.6.6-160000.1.1.noarch",
"product": {
"name": "libsoup-lang-3.6.6-160000.1.1.noarch",
"product_id": "libsoup-lang-3.6.6-160000.1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"product": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"product_id": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.6.6-160000.1.1.ppc64le",
"product": {
"name": "libsoup-devel-3.6.6-160000.1.1.ppc64le",
"product_id": "libsoup-devel-3.6.6-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"product": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"product_id": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"product": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"product_id": "libsoup-3_0-0-3.6.6-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.6.6-160000.1.1.s390x",
"product": {
"name": "libsoup-devel-3.6.6-160000.1.1.s390x",
"product_id": "libsoup-devel-3.6.6-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"product": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"product_id": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"product": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"product_id": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libsoup-devel-3.6.6-160000.1.1.x86_64",
"product": {
"name": "libsoup-devel-3.6.6-160000.1.1.x86_64",
"product_id": "libsoup-devel-3.6.6-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"product": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"product_id": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.6.6-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64"
},
"product_reference": "libsoup-devel-3.6.6-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.6.6-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le"
},
"product_reference": "libsoup-devel-3.6.6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.6.6-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x"
},
"product_reference": "libsoup-devel-3.6.6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.6.6-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64"
},
"product_reference": "libsoup-devel-3.6.6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-lang-3.6.6-160000.1.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch"
},
"product_reference": "libsoup-lang-3.6.6-160000.1.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x"
},
"product_reference": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64"
},
"product_reference": "libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.6.6-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64"
},
"product_reference": "libsoup-devel-3.6.6-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.6.6-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le"
},
"product_reference": "libsoup-devel-3.6.6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.6.6-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x"
},
"product_reference": "libsoup-devel-3.6.6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-devel-3.6.6-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64"
},
"product_reference": "libsoup-devel-3.6.6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsoup-lang-3.6.6-160000.1.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch"
},
"product_reference": "libsoup-lang-3.6.6-160000.1.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le"
},
"product_reference": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x"
},
"product_reference": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
},
"product_reference": "typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12105"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missing state synchronization. This leads to a use-after-free memory access, potentially crashing the affected application. Attackers could exploit this behavior remotely by triggering specific HTTP/2 read and cancel sequences, resulting in a denial-of-service condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12105",
"url": "https://www.suse.com/security/cve/CVE-2025-12105"
},
{
"category": "external",
"summary": "SUSE Bug 1252555 for CVE-2025-12105",
"url": "https://bugzilla.suse.com/1252555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2025-12105"
},
{
"cve": "CVE-2025-14523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-14523"
}
],
"notes": [
{
"category": "general",
"text": "A flaw in libsoup\u0027s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-14523",
"url": "https://www.suse.com/security/cve/CVE-2025-14523"
},
{
"category": "external",
"summary": "SUSE Bug 1254876 for CVE-2025-14523",
"url": "https://bugzilla.suse.com/1254876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2025-14523"
},
{
"cve": "CVE-2025-32049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-32049"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-32049",
"url": "https://www.suse.com/security/cve/CVE-2025-32049"
},
{
"category": "external",
"summary": "SUSE Bug 1240751 for CVE-2025-32049",
"url": "https://bugzilla.suse.com/1240751"
},
{
"category": "external",
"summary": "SUSE Bug 1250562 for CVE-2025-32049",
"url": "https://bugzilla.suse.com/1250562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2025-32049"
},
{
"cve": "CVE-2026-1467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1467"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1467",
"url": "https://www.suse.com/security/cve/CVE-2026-1467"
},
{
"category": "external",
"summary": "SUSE Bug 1257398 for CVE-2026-1467",
"url": "https://bugzilla.suse.com/1257398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-1467"
},
{
"cve": "CVE-2026-1539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1539"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different host. As a result, sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP communication may unintentionally expose proxy authentication data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1539",
"url": "https://www.suse.com/security/cve/CVE-2026-1539"
},
{
"category": "external",
"summary": "SUSE Bug 1257441 for CVE-2026-1539",
"url": "https://bugzilla.suse.com/1257441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-1539"
},
{
"cve": "CVE-2026-1760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1760"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in SoupServer. This HTTP request smuggling vulnerability occurs because SoupServer improperly handles requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. A remote, unauthenticated client can exploit this by sending specially crafted requests, causing SoupServer to fail to close the connection as required by RFC 9112. This allows the attacker to smuggle additional requests over the persistent connection, leading to unintended request processing and potential denial-of-service (DoS) conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1760",
"url": "https://www.suse.com/security/cve/CVE-2026-1760"
},
{
"category": "external",
"summary": "SUSE Bug 1257597 for CVE-2026-1760",
"url": "https://bugzilla.suse.com/1257597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2026-1760"
},
{
"cve": "CVE-2026-2369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2369"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2369",
"url": "https://www.suse.com/security/cve/CVE-2026-2369"
},
{
"category": "external",
"summary": "SUSE Bug 1258120 for CVE-2026-2369",
"url": "https://bugzilla.suse.com/1258120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-2369"
},
{
"cve": "CVE-2026-2443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2443"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2443",
"url": "https://www.suse.com/security/cve/CVE-2026-2443"
},
{
"category": "external",
"summary": "SUSE Bug 1258170 for CVE-2026-2443",
"url": "https://bugzilla.suse.com/1258170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-2443"
},
{
"cve": "CVE-2026-2708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2708"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2708",
"url": "https://www.suse.com/security/cve/CVE-2026-2708"
},
{
"category": "external",
"summary": "SUSE Bug 1258508 for CVE-2026-2708",
"url": "https://bugzilla.suse.com/1258508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-3_0-0-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-devel-3.6.6-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libsoup-lang-3.6.6-160000.1.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:typelib-1_0-Soup-3_0-3.6.6-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-18T10:01:36Z",
"details": "important"
}
],
"title": "CVE-2026-2708"
}
]
}
WID-SEC-W-2026-0062
Vulnerability from csaf_certbund - Published: 2026-01-11 23:00 - Updated: 2026-03-02 23:00Summary
Red Hat Enterprise Linux (libsoup): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen und Datenmanipulation
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder Daten zu manipulieren.
Betroffene Betriebssysteme: - UNIX
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat Enterprise Linux 9
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9
|
9 | |
|
Red Hat Enterprise Linux 8
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:8
|
8 | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
References
41 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0062 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0062.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0062 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0062"
},
{
"category": "external",
"summary": "RedHat Security Advisory vom 2026-01-11",
"url": "https://access.redhat.com/errata/RHSA-2026:0421"
},
{
"category": "external",
"summary": "RedHat Security Advisory vom 2026-01-11",
"url": "https://access.redhat.com/errata/RHSA-2026:0422"
},
{
"category": "external",
"summary": "RedHat Security Advisory vom 2026-01-11",
"url": "https://access.redhat.com/errata/RHSA-2026:0423"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10024-1 vom 2026-01-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DRGHJFZX6SW4UBXOO77XIO66DXLIYCBN/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0423 vom 2026-01-12",
"url": "https://linux.oracle.com/errata/ELSA-2026-0423.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0422 vom 2026-01-12",
"url": "https://linux.oracle.com/errata/ELSA-2026-0422.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0421 vom 2026-01-13",
"url": "http://linux.oracle.com/errata/ELSA-2026-0421.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0421 vom 2026-01-14",
"url": "https://errata.build.resf.org/RLSA-2026:0421"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0123-1 vom 2026-01-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023742.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0422 vom 2026-01-15",
"url": "https://errata.build.resf.org/RLSA-2026:0422"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20053-1 vom 2026-01-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023756.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0423 vom 2026-01-15",
"url": "https://errata.build.resf.org/RLSA-2026:0423"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0151-1 vom 2026-01-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023792.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0836 vom 2026-01-20",
"url": "https://access.redhat.com/errata/RHSA-2026:0836"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0867 vom 2026-01-20",
"url": "https://access.redhat.com/errata/RHSA-2026:0867"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0911 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0911"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0909 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0909"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0908 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0908"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0907 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0907"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0906 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0906"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0905 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0905"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0868 vom 2026-01-20",
"url": "https://access.redhat.com/errata/RHSA-2026:0868"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0925 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0925"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0211-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023874.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0253-1 vom 2026-01-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FJT5D7O63R2L5TCYFNGEKJLA2NDKU3D5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0257-1 vom 2026-01-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QZPGHERAAEG3OOSB2RT4YVXZMCO342K3/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0258-1 vom 2026-01-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VPXEZGJOO5EPBL2IKUFIT3EEGS4QZS5F/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1509 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1509"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1569 vom 2026-01-29",
"url": "https://access.redhat.com/errata/RHSA-2026:1569"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1570 vom 2026-01-29",
"url": "https://access.redhat.com/errata/RHSA-2026:1570"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1571 vom 2026-01-29",
"url": "https://access.redhat.com/errata/RHSA-2026:1571"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1572 vom 2026-01-29",
"url": "https://access.redhat.com/errata/RHSA-2026:1572"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:1509 vom 2026-01-31",
"url": "https://errata.build.resf.org/RLSA-2026:1509"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3142 vom 2026-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3142.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-2182 vom 2026-02-06",
"url": "https://linux.oracle.com/errata/ELSA-2026-2182.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-2410 vom 2026-02-10",
"url": "https://linux.oracle.com/errata/ELSA-2026-2410.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0925 vom 2026-02-11",
"url": "https://linux.oracle.com/errata/ELSA-2026-0925.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20360-1 vom 2026-02-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024323.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-2628 vom 2026-03-03",
"url": "https://linux.oracle.com/errata/ELSA-2026-2628.html"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux (libsoup): Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen und Datenmanipulation",
"tracking": {
"current_release_date": "2026-03-02T23:00:00.000+00:00",
"generator": {
"date": "2026-03-03T09:32:39.607+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0062",
"initial_release_date": "2026-01-11T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-11T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-12T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-01-13T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-19T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-22T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-01T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-02-05T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon und Oracle Linux aufgenommen"
},
{
"date": "2026-02-10T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-17T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-02T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "8",
"product": {
"name": "Red Hat Enterprise Linux 8",
"product_id": "T049806",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Red Hat Enterprise Linux 9",
"product_id": "T049807",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "Red Hat Enterprise Linux 10",
"product_id": "T049808",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14523",
"product_status": {
"known_affected": [
"T002207",
"T049808",
"67646",
"T049807",
"T049806",
"T027843",
"398363",
"T004914",
"T032255"
]
},
"release_date": "2026-01-11T23:00:00.000+00:00",
"title": "CVE-2025-14523"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…