{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-52531", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-25T17:25:59.440Z", "dateReserved": "2024-11-11T00:00:00.000Z", "datePublished": "2024-11-11T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "libsoup", "vendor": "GNOME", "versions": [{"lessThan": "3.6.1", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response)."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-03-25T17:25:59.440Z"}, "references": [{"url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home"}, {"url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407"}, {"url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401"}, {"url": "https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.6.1"}]}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "affected": [{"vendor": "gnome", "product": "libsoup", "cpes": ["cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "3.6.1", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-11-12T18:30:47.915734Z", "id": "CVE-2024-52531", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-12T18:35:11.322Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-52531", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-12T18:30:47.915734Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*"], "vendor": "gnome", "product": "libsoup", "versions": [{"status": "affected", "version": "0", "lessThan": "3.6.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-12T18:34:59.609Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}}], "affected": [{"vendor": "GNOME", "product": "libsoup", "versions": [{"status": "affected", "version": "0", "lessThan": "3.6.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home"}, {"url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407"}, {"url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401"}, {"url": "https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "3.6.1"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-03-25T17:25:59.440Z"}}}, "cveMetadata": {"cveId": "CVE-2024-52531", "state": "PUBLISHED", "dateUpdated": "2025-03-25T17:25:59.440Z", "dateReserved": "2024-11-11T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-11-11T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response)."}, {"lang": "es", "value": "Las versiones anteriores a 3.6.1 libsoup de GNOME permiten un desbordamiento de b\u00fafer en aplicaciones que realizan conversiones a UTF-8 en soup_header_parse_param_list_strict. La entrada recibida a trav\u00e9s de la red no puede provocar este desbordamiento."}], "id": "CVE-2024-52531", "lastModified": "2025-03-25T18:15:33.460", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.7, "source": "cve@mitre.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-11-11T20:15:20.313", "references": [{"source": "cve@mitre.org", "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407"}, {"source": "cve@mitre.org", "url": "https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401"}, {"source": "cve@mitre.org", "url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home"}, {"source": "cve@mitre.org", "url": "https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "cve@mitre.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:1047", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "libsoup-0:2.62.2-4.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-02-05T00:00:00Z"}, {"advisory": "RHSA-2025:0838", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "libsoup-0:2.62.3-7.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-01-30T00:00:00Z"}, {"advisory": "RHSA-2025:0838", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "libsoup-0:2.62.3-7.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-01-30T00:00:00Z"}, {"advisory": "RHSA-2025:0903", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "libsoup-0:2.62.3-1.el8_2.2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-02-03T00:00:00Z"}, {"advisory": "RHSA-2025:0889", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "libsoup-0:2.62.3-2.el8_4.2", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-02-03T00:00:00Z"}, {"advisory": "RHSA-2025:0889", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "libsoup-0:2.62.3-2.el8_4.2", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2025-02-03T00:00:00Z"}, {"advisory": "RHSA-2025:0889", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "libsoup-0:2.62.3-2.el8_4.2", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2025-02-03T00:00:00Z"}, {"advisory": "RHSA-2025:0949", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "libsoup-0:2.62.3-2.el8_6.2", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-02-04T00:00:00Z"}, {"advisory": "RHSA-2025:0949", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "libsoup-0:2.62.3-2.el8_6.2", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-02-04T00:00:00Z"}, {"advisory": "RHSA-2025:0949", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "libsoup-0:2.62.3-2.el8_6.2", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-02-04T00:00:00Z"}, {"advisory": "RHSA-2025:1075", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "libsoup-0:2.62.3-3.el8_8.2", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2025-02-05T00:00:00Z"}, {"advisory": "RHSA-2025:0791", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "libsoup-0:2.72.0-8.el9_5.3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-01-29T00:00:00Z"}, {"advisory": "RHSA-2025:0882", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "libsoup-0:2.72.0-8.el9_0.3", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-02-03T00:00:00Z"}, {"advisory": "RHSA-2025:0847", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "libsoup-0:2.72.0-8.el9_2.3", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-01-30T00:00:00Z"}, {"advisory": "RHSA-2025:0848", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "libsoup-0:2.72.0-8.el9_4.3", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-01-30T00:00:00Z"}, {"advisory": "RHSA-2025:1154", "cpe": "cpe:/a:redhat:camel_k:1.10.9", "product_name": "RHINT Camel-K 1.10.9", "release_date": "2025-02-06T00:00:00Z"}], "bugzilla": {"description": "libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict", "id": "2325277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325277"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).", "A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soup_header_parse_param_list_strict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2024-52531", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libsoup", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2024-11-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-52531\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-52531\nhttps://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407\nhttps://gitlab.gnome.org/Teams/Releng/security/-/wikis/home"], "statement": "Further investigation found that this issue can be exploited remotely, increasing the possibility of exploitation and the severity of this vulnerability.\nOnly applications that decode UTF-8 input data with the soup_header_parse_param_list_strict function are vulnerable to this issue.\nFurthermore, exploitation of this vulnerability highly depends on the application code, the heap layout and functionalities exposed to an attacker. For this reason, this flaw has been rated with an Important severity.", "threat_severity": "Important"}