Filtered by vendor Gnome
Subscribe
Total
336 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3632 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-03-19 | N/A | 3.9 LOW |
| A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker could exploit this to perform HTTP smuggling, where they can send hidden, malicious requests alongside legitimate ones. In certain situations, this could lead to Server-Side Request Forgery (SSRF), enabling an attacker to force the server to make unauthorized requests to other internal or external systems. The impact is low, as SoupServer is not actually used in internet infrastructure. | |||||
| CVE-2026-3633 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-03-19 | N/A | 3.9 LOW |
| A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, occurs because the method value is not properly escaped during request line construction, potentially leading to HTTP request injection. | |||||
| CVE-2026-3634 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-03-19 | N/A | 3.9 LOW |
| A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks. | |||||
| CVE-2026-4271 | 2 Gnome, Redhat | 2 Libsoup, Enterprise Linux | 2026-03-19 | N/A | 5.3 MEDIUM |
| A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application attempting to access memory that has already been freed, potentially causing application instability or crashes, resulting in a Denial of Service (DoS). | |||||
| CVE-2025-14512 | 2 Gnome, Redhat | 3 Glib, Enterprise Linux, Openshift | 2026-03-19 | N/A | 6.5 MEDIUM |
| A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values. | |||||
| CVE-2025-13601 | 2 Gnome, Redhat | 29 Glib, Ceph Storage, Codeready Linux Builder and 26 more | 2026-03-19 | N/A | 7.7 HIGH |
| A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. | |||||
| CVE-2025-14087 | 2 Gnome, Redhat | 2 Glib, Enterprise Linux | 2026-03-18 | N/A | 5.6 MEDIUM |
| A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings. | |||||
| CVE-2025-4056 | 2 Gnome, Microsoft | 2 Glib, Windows | 2026-01-08 | N/A | 7.5 HIGH |
| A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines. | |||||
| CVE-2025-2784 | 2 Gnome, Redhat | 21 Libsoup, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 18 more | 2025-11-18 | N/A | 7.0 HIGH |
| A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. | |||||
| CVE-2024-34397 | 4 Debian, Fedoraproject, Gnome and 1 more | 4 Debian Linux, Fedora, Glib and 1 more | 2025-11-04 | N/A | 5.2 MEDIUM |
| An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact. | |||||
| CVE-2024-52532 | 1 Gnome | 1 Libsoup | 2025-11-03 | N/A | 7.5 HIGH |
| GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients. | |||||
| CVE-2024-52531 | 1 Gnome | 1 Libsoup | 2025-11-03 | N/A | 6.5 MEDIUM |
| GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response). | |||||
| CVE-2024-52530 | 1 Gnome | 1 Libsoup | 2025-11-03 | N/A | 7.5 HIGH |
| GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header. | |||||
| CVE-2024-42415 | 1 Gnome | 1 Libgsf | 2025-11-03 | N/A | 8.4 HIGH |
| An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-36474 | 1 Gnome | 1 Libgsf | 2025-11-03 | N/A | 8.4 HIGH |
| An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-bounds index to be used when reading and writing to an array. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2025-6199 | 2 Gnome, Redhat | 2 Gdkpixbuf, Enterprise Linux | 2025-11-03 | N/A | 3.3 LOW |
| A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image. | |||||
| CVE-2022-1736 | 2 Canonical, Gnome | 2 Ubuntu Linux, Gnome-remote-desktop | 2025-08-26 | N/A | 9.8 CRITICAL |
| Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default. | |||||
| CVE-2023-5616 | 2 Canonical, Gnome | 2 Ubuntu Linux, Control Center | 2025-08-26 | N/A | 4.9 MEDIUM |
| In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary to expectation of the user. | |||||
| CVE-2025-6052 | 1 Gnome | 1 Glib | 2025-08-20 | N/A | 3.7 LOW |
| A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption. | |||||
| CVE-2025-3155 | 3 Debian, Gnome, Redhat | 21 Debian Linux, Yelp, Codeready Linux Builder and 18 more | 2025-08-12 | N/A | 7.4 HIGH |
| A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. | |||||