What is CVE-2024-52531?

CVE-2024-52531 is a medium-severity vulnerability in Gnome Libsoup, classified under Out-of-bounds Write. CVSS score: 6.5/10. Published 2024-11-11.

How severe is CVE-2024-52531?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Buffer overflow in Gnome Libsoup

CVE-2024-52531

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., a…

Vulnerability class: Buffer Overflow

EPSS: 0.002 (35.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L.

Affected products

Gnome Libsoup — versions 0

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

gitlab.gnome.org/Teams/Releng/security/-/wikis/home
gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407
gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407
offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-wi…

Frequently asked questions

What is CVE-2024-52531?: CVE-2024-52531 is a medium-severity vulnerability in Gnome Libsoup, classified under Out-of-bounds Write. CVSS score: 6.5/10. Published 2024-11-11.
How severe is CVE-2024-52531?: Medium severity. CVSS v3 base score is 6.5 out of 10.