CVE-2019-7659

Name of the Vulnerable Software and Affected Versions Genivia gSOAP versions 2.7.x through 2.8.x before 2.8.75 Genivia gSOAP version 2.8.75 and later are not affected, but the exact fixed version is specified as 2.8.75, so we list versions prior to 2.8.75 as vulnerable.

Description The issue allows attackers to cause a denial of service or possibly have other unspecified impacts on server applications built with the -DWITH COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ libraries.

Recommendations For Genivia gSOAP versions 2.7.x through 2.8.x before 2.8.75, update to version 2.8.75 or later to resolve the issue. As a temporary workaround, consider disabling the -DWITH COOKIES flag in server applications until a patch is available.