libsoup prior to version 3.6.3 is vulnerable to 
a null pointer dereference in soup_auth_digest_authenticate(). A 
malicious HTTP server may cause the libsoup client to crash.