Bug 2499921 - CVE-2026-12478 libsoup3: Incomplete fix for CVE-2026-0716: Out-of-bounds read in libsoup WebSocket frame processing (unmasked path) [fedora-all]
Summary: CVE-2026-12478 libsoup3: Incomplete fix for CVE-2026-0716: Out-of-bounds read...
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: libsoup3
Version: rawhide
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
Assignee: Gwyn Ciesla
QA Contact:
URL:
Whiteboard: {"flaws": ["78a3d7d2-5e60-49fb-b22e-0...
Depends On:
Blocks: CVE-2026-12478
TreeView+ depends on / blocked
 
Reported: 2026-07-14 09:21 UTC by Ganesh
Modified: 2026-07-14 09:21 UTC (History)
3 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Ganesh 2026-07-14 09:21:38 UTC
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

https://gitlab.gnome.org/GNOME/libsoup/-/work_items/476#note_2695744
https://redhat.atlassian.net/browse/PSIRTSUPT-8846


Note You need to log in before you can comment on or make changes to this bug.