VYPR

Gsoap

by Genivia

Source repositories

CVEs (10)

  • CVE-2017-9765HigJul 20, 2017
    risk 0.54cvss 8.1epss 0.22

    Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via a large XML…

  • CVE-2024-4227HigJan 15, 2025
    risk 0.49cvss 7.5epss 0.01

    In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS.

  • CVE-2019-25355Feb 18, 2026
    risk 0.00cvss epss 0.01

    gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../'…

  • CVE-2021-21783Mar 25, 2021
    risk 0.00cvss epss 0.05

    A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13575Feb 10, 2021
    risk 0.00cvss epss 0.02

    A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13576Feb 10, 2021
    risk 0.00cvss epss 0.06

    A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13577Feb 10, 2021
    risk 0.00cvss epss 0.03

    A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13574Feb 10, 2021
    risk 0.00cvss epss 0.03

    A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2020-13578Feb 10, 2021
    risk 0.00cvss epss 0.03

    A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2019-7659Feb 9, 2019
    risk 0.00cvss epss 0.02

    Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and…