SUSE-SU-2026:20649-1 - Vulnerability-Lookup

SUSE-SU-2026:20649-1

Vulnerability from csaf_suse - Published: 2026-03-03 15:01 - Updated: 2026-03-03 15:01

Summary

Security update for libsoup

Severity

Important

Notes

Title of the patch: Security update for libsoup

Description of the patch: This update for libsoup fixes the following issues: - CVE-2025-32049: denial of service attack to websocket server (bsc#1240751). - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398). - CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header (bsc#1257440). - CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects (bsc#1257441). - CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request smuggling and potential DoS (bsc#1257597). - CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based buffer overflow (bsc#1257598). - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources (bsc#1258120). - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information disclosure to remote attackers (bsc#1258170). - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).

Patchnames: SUSE-SLE-Micro-6.1-420

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

CVE-2025-32049

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-1467

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-1536

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-1539

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-1760

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-1761

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-2369

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-2443

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-2708

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

URL

Category

	https://www.suse.com/support/security/rating/	external
	https://ftp.suse.com/pub/projects/security/csaf/s…	self
	https://www.suse.com/support/update/announcement/…	self
	https://lists.suse.com/pipermail/sle-updates/2026…	self
	https://bugzilla.suse.com/1240751	self
	https://bugzilla.suse.com/1257398	self
	https://bugzilla.suse.com/1257440	self
	https://bugzilla.suse.com/1257441	self
	https://bugzilla.suse.com/1257597	self
	https://bugzilla.suse.com/1257598	self
	https://bugzilla.suse.com/1258120	self
	https://bugzilla.suse.com/1258170	self
	https://bugzilla.suse.com/1258508	self
	https://www.suse.com/security/cve/CVE-2025-32049/	self
	https://www.suse.com/security/cve/CVE-2026-1467/	self
	https://www.suse.com/security/cve/CVE-2026-1536/	self
	https://www.suse.com/security/cve/CVE-2026-1539/	self
	https://www.suse.com/security/cve/CVE-2026-1760/	self
	https://www.suse.com/security/cve/CVE-2026-1761/	self
	https://www.suse.com/security/cve/CVE-2026-2369/	self
	https://www.suse.com/security/cve/CVE-2026-2443/	self
	https://www.suse.com/security/cve/CVE-2026-2708/	self
	https://www.suse.com/security/cve/CVE-2025-32049	external
	https://bugzilla.suse.com/1240751	external
	https://bugzilla.suse.com/1250562	external
	https://www.suse.com/security/cve/CVE-2026-1467	external
	https://bugzilla.suse.com/1257398	external
	https://www.suse.com/security/cve/CVE-2026-1536	external
	https://bugzilla.suse.com/1257440	external
	https://www.suse.com/security/cve/CVE-2026-1539	external
	https://bugzilla.suse.com/1257441	external
	https://www.suse.com/security/cve/CVE-2026-1760	external
	https://bugzilla.suse.com/1257597	external
	https://www.suse.com/security/cve/CVE-2026-1761	external
	https://bugzilla.suse.com/1257598	external
	https://www.suse.com/security/cve/CVE-2026-2369	external
	https://bugzilla.suse.com/1258120	external
	https://www.suse.com/security/cve/CVE-2026-2443	external
	https://bugzilla.suse.com/1258170	external
	https://www.suse.com/security/cve/CVE-2026-2708	external
	https://bugzilla.suse.com/1258508	external

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for libsoup",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for libsoup fixes the following issues:\n\n- CVE-2025-32049: denial of service attack to websocket server (bsc#1240751).\n- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).\n- CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header\n  (bsc#1257440).\n- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects\n  (bsc#1257441).\n- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request\n  smuggling and potential DoS (bsc#1257597).\n- CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based buffer\n  overflow (bsc#1257598).\n- CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources (bsc#1258120).\n- CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information\n  disclosure to remote attackers (bsc#1258170).\n- CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.1-420",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20649-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:20649-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620649-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:20649-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-March/044819.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1240751",
        "url": "https://bugzilla.suse.com/1240751"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1257398",
        "url": "https://bugzilla.suse.com/1257398"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1257440",
        "url": "https://bugzilla.suse.com/1257440"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1257441",
        "url": "https://bugzilla.suse.com/1257441"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1257597",
        "url": "https://bugzilla.suse.com/1257597"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1257598",
        "url": "https://bugzilla.suse.com/1257598"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258120",
        "url": "https://bugzilla.suse.com/1258120"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258170",
        "url": "https://bugzilla.suse.com/1258170"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258508",
        "url": "https://bugzilla.suse.com/1258508"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-32049 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-32049/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-1467 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-1467/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-1536 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-1536/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-1539 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-1539/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-1760 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-1760/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-1761 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-1761/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-2369 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-2369/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-2443 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-2443/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-2708 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-2708/"
      }
    ],
    "title": "Security update for libsoup",
    "tracking": {
      "current_release_date": "2026-03-03T15:01:12Z",
      "generator": {
        "date": "2026-03-03T15:01:12Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:20649-1",
      "initial_release_date": "2026-03-03T15:01:12Z",
      "revision_history": [
        {
          "date": "2026-03-03T15:01:12Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
                "product": {
                  "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
                  "product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
                "product": {
                  "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
                  "product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
                "product": {
                  "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
                  "product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64",
                "product": {
                  "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64",
                  "product_id": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.1",
                "product": {
                  "name": "SUSE Linux Micro 6.1",
                  "product_id": "SUSE Linux Micro 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64"
        },
        "product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le"
        },
        "product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x"
        },
        "product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        },
        "product_reference": "libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-32049",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-32049"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-32049",
          "url": "https://www.suse.com/security/cve/CVE-2025-32049"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1240751 for CVE-2025-32049",
          "url": "https://bugzilla.suse.com/1240751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1250562 for CVE-2025-32049",
          "url": "https://bugzilla.suse.com/1250562"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-32049"
    },
    {
      "cve": "CVE-2026-1467",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-1467"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-1467",
          "url": "https://www.suse.com/security/cve/CVE-2026-1467"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257398 for CVE-2026-1467",
          "url": "https://bugzilla.suse.com/1257398"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-1467"
    },
    {
      "cve": "CVE-2026-1536",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-1536"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP headers to be injected. This vulnerability can lead to HTTP header injection or HTTP response splitting without requiring authentication or user interaction.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-1536",
          "url": "https://www.suse.com/security/cve/CVE-2026-1536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257440 for CVE-2026-1536",
          "url": "https://bugzilla.suse.com/1257440"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-1536"
    },
    {
      "cve": "CVE-2026-1539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-1539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different host. As a result, sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP communication may unintentionally expose proxy authentication data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-1539",
          "url": "https://www.suse.com/security/cve/CVE-2026-1539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257441 for CVE-2026-1539",
          "url": "https://bugzilla.suse.com/1257441"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-1539"
    },
    {
      "cve": "CVE-2026-1760",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-1760"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in SoupServer. This HTTP request smuggling vulnerability occurs because SoupServer improperly handles requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. A remote, unauthenticated client can exploit this by sending specially crafted requests, causing SoupServer to fail to close the connection as required by RFC 9112. This allows the attacker to smuggle additional requests over the persistent connection, leading to unintended request processing and potential denial-of-service (DoS) conditions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-1760",
          "url": "https://www.suse.com/security/cve/CVE-2026-1760"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257597 for CVE-2026-1760",
          "url": "https://bugzilla.suse.com/1257597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-1760"
    },
    {
      "cve": "CVE-2026-1761",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-1761"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-1761",
          "url": "https://www.suse.com/security/cve/CVE-2026-1761"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1257598 for CVE-2026-1761",
          "url": "https://bugzilla.suse.com/1257598"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-1761"
    },
    {
      "cve": "CVE-2026-2369",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-2369"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-2369",
          "url": "https://www.suse.com/security/cve/CVE-2026-2369"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258120 for CVE-2026-2369",
          "url": "https://bugzilla.suse.com/1258120"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-2369"
    },
    {
      "cve": "CVE-2026-2443",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-2443"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-2443",
          "url": "https://www.suse.com/security/cve/CVE-2026-2443"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258170 for CVE-2026-2443",
          "url": "https://bugzilla.suse.com/1258170"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-2443"
    },
    {
      "cve": "CVE-2026-2708",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-2708"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
          "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-2708",
          "url": "https://www.suse.com/security/cve/CVE-2026-2708"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258508 for CVE-2026-2708",
          "url": "https://bugzilla.suse.com/1258508"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.aarch64",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.ppc64le",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.s390x",
            "SUSE Linux Micro 6.1:libsoup-3_0-0-3.4.4-slfo.1.1_7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-03T15:01:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-2708"
    }
  ]
}

CVE-2026-1467 (GCVE-0-2026-1467)

Vulnerability from cvelistv5 – Published: 2026-01-27 09:17 – Updated: 2026-03-19 14:05

Title

Libsoup: libsoup: http header injection via specially crafted urls when an http proxy is configured

Summary

A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.

Severity ?

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2026-1467	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2433174	issue-trackingx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/libsoup/-/issues/488

Impacted products

Vendor

Product

Version

Red Hat Enterprise Linux 10

cpe:/o:redhat:enterprise_linux:10

	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
	Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
	Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
	Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2026-01-27 00:00

Credits

Red Hat would like to thank Codean Labs for reporting this issue.

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1467",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-27T16:54:59.356679Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-27T16:55:09.286Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Codean Labs for reporting this issue."
        }
      ],
      "datePublic": "2026-01-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-93",
              "description": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-19T14:05:54.187Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-1467"
        },
        {
          "name": "RHBZ#2433174",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433174"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/488"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-01-27T08:06:20.687Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-01-27T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: libsoup: http header injection via specially crafted urls when an http proxy is configured",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this issue, avoid processing untrusted URLs in applications that use the libsoup library with an HTTP proxy configured. Restricting network access to the HTTP proxy can also limit potential exposure."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-1467",
    "datePublished": "2026-01-27T09:17:44.535Z",
    "dateReserved": "2026-01-27T08:07:32.077Z",
    "dateUpdated": "2026-03-19T14:05:54.187Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1760 (GCVE-0-2026-1760)

Vulnerability from cvelistv5 – Published: 2026-02-02 14:01 – Updated: 2026-03-19 14:20

Title

Libsoup: soupserver: denial of service via http request smuggling

Summary

A flaw was found in SoupServer. This HTTP request smuggling vulnerability occurs because SoupServer improperly handles requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. A remote, unauthenticated client can exploit this by sending specially crafted requests, causing SoupServer to fail to close the connection as required by RFC 9112. This allows the attacker to smuggle additional requests over the persistent connection, leading to unintended request processing and potential denial-of-service (DoS) conditions.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2026-1760	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2435951	issue-trackingx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/libsoup/-/issues/475

Impacted products

Vendor

Product

Version

Red Hat Enterprise Linux 10

cpe:/o:redhat:enterprise_linux:10

	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
	Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
	Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
	Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2026-02-02 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1760",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-02T17:29:44.685159Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-02T17:29:53.838Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2026-02-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in SoupServer. This HTTP request smuggling vulnerability occurs because SoupServer improperly handles requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. A remote, unauthenticated client can exploit this by sending specially crafted requests, causing SoupServer to fail to close the connection as required by RFC 9112. This allows the attacker to smuggle additional requests over the persistent connection, leading to unintended request processing and potential denial-of-service (DoS) conditions."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-19T14:20:22.488Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-1760"
        },
        {
          "name": "RHBZ#2435951",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435951"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/475"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-02T12:24:20.855Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-02-02T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: soupserver: denial of service via http request smuggling",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-1760",
    "datePublished": "2026-02-02T14:01:26.762Z",
    "dateReserved": "2026-02-02T12:25:23.985Z",
    "dateUpdated": "2026-03-19T14:20:22.488Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1761 (GCVE-0-2026-1761)

Vulnerability from cvelistv5 – Published: 2026-02-02 14:01 – Updated: 2026-03-19 14:40

Title

Libsoup: stack-based buffer overflow in libsoup multipart response parsingmultipart http response

Summary

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction.

Severity ?

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

CWE

CWE-121 - Stack-based Buffer Overflow

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2026:1948	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2005	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2006	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2007	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2008	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2049	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2182	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2214	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2215	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2216	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2396	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2402	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2410	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2512	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2513	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2514	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2528	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2529	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2628	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2026:2844	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2026-1761	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2435961	issue-trackingx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/libsoup/-/issues/493

Impacted products

Vendor

Product

Version

Red Hat Enterprise Linux 10

Unaffected: 0:3.6.5-3.el10_1.9 , < * (rpm)
cpe:/o:redhat:enterprise_linux:10.1

	Red Hat	Red Hat Enterprise Linux 10	Unaffected: 0:3.6.5-3.el10_1.10 , < * (rpm) cpe:/o:redhat:enterprise_linux:10.1
	Red Hat	Red Hat Enterprise Linux 10.0 Extended Update Support	Unaffected: 0:3.6.5-3.el10_0.14 , < * (rpm) cpe:/o:redhat:enterprise_linux_eus:10.0
	Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:2.62.2-11.el7_9 , < * (rpm) cpe:/o:redhat:rhel_els:7
	Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:8.10-7 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
	Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:2.62.3-13.el8_10 , < * (rpm) cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream
	Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:2.62.3-13.el8_10 , < * (rpm) cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream
	Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:2.62.3-1.el8_2.8 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/o:redhat:rhel_aus:8.2::baseos
	Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:8.10-7.el8_2.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
	Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:2.62.3-2.el8_4.8 , < * (rpm) cpe:/o:redhat:rhel_eus_long_life:8.4::baseos cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
	Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:8.10-7.el8_4.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
	Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:2.62.3-2.el8_4.8 , < * (rpm) cpe:/o:redhat:rhel_eus_long_life:8.4::baseos cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
	Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:8.10-7.el8_4.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
	Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:2.62.3-2.el8_6.8 , < * (rpm) cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/o:redhat:rhel_tus:8.6::baseos
	Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:8.10-7.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
	Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:2.62.3-2.el8_6.8 , < * (rpm) cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/o:redhat:rhel_tus:8.6::baseos
	Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:8.10-7.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
	Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:2.62.3-2.el8_6.8 , < * (rpm) cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/o:redhat:rhel_tus:8.6::baseos
	Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:8.10-7.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
	Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:2.62.3-3.el8_8.8 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/o:redhat:rhel_e4s:8.8::baseos cpe:/o:redhat:rhel_tus:8.8::baseos
	Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:8.10-7.el8_8.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
	Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:2.62.3-3.el8_8.8 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/o:redhat:rhel_e4s:8.8::baseos cpe:/o:redhat:rhel_tus:8.8::baseos
	Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:8.10-7.el8_8.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
	Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:2.72.0-12.el9_7.5 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
	Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:2.72.0-8.el9_0.9 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
	Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:2.72.0-8.el9_2.10 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
	Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:2.72.0-8.el9_4.9 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
	Red Hat	Red Hat Enterprise Linux 9.6 Extended Update Support	Unaffected: 0:2.72.0-10.el9_6.6 , < * (rpm) cpe:/a:redhat:rhel_eus:9.6::appstream
	Red Hat	Red Hat OpenShift Dev Spaces (RHOSDS) 3.26	Unaffected: sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96 , < * (rpm) cpe:/a:redhat:openshift_devspaces:3.26::el9
	Red Hat	Red Hat OpenShift Dev Spaces (RHOSDS) 3.26	Unaffected: sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e , < * (rpm) cpe:/a:redhat:openshift_devspaces:3.26::el9
	Red Hat	Red Hat OpenShift Dev Spaces (RHOSDS) 3.26	Unaffected: sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5 , < * (rpm) cpe:/a:redhat:openshift_devspaces:3.26::el9
	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Date Public ?

2026-02-02 00:00

Credits

Red Hat would like to thank Naoki Wakamatsu for reporting this issue.

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1761",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-02T17:30:09.660569Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-02T17:30:19.874Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.1"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_1.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.1"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_1.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux_eus:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-11.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-13.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-13.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7.el8_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7.el8_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7.el8_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/o:redhat:rhel_e4s:8.8::baseos",
            "cpe:/o:redhat:rhel_tus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/o:redhat:rhel_e4s:8.8::baseos",
            "cpe:/o:redhat:rhel_tus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-7.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-12.el9_7.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3.26::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/openvsx-rhel9",
          "product": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3.26::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/pluginregistry-rhel9",
          "product": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3.26::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/udi-rhel9",
          "product": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Naoki Wakamatsu for reporting this issue."
        }
      ],
      "datePublic": "2026-02-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-19T14:40:01.829Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2026:1948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:1948"
        },
        {
          "name": "RHSA-2026:2005",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2005"
        },
        {
          "name": "RHSA-2026:2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2006"
        },
        {
          "name": "RHSA-2026:2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2007"
        },
        {
          "name": "RHSA-2026:2008",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2008"
        },
        {
          "name": "RHSA-2026:2049",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2049"
        },
        {
          "name": "RHSA-2026:2182",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2182"
        },
        {
          "name": "RHSA-2026:2214",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2214"
        },
        {
          "name": "RHSA-2026:2215",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2215"
        },
        {
          "name": "RHSA-2026:2216",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2216"
        },
        {
          "name": "RHSA-2026:2396",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2396"
        },
        {
          "name": "RHSA-2026:2402",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2402"
        },
        {
          "name": "RHSA-2026:2410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2410"
        },
        {
          "name": "RHSA-2026:2512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2512"
        },
        {
          "name": "RHSA-2026:2513",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2513"
        },
        {
          "name": "RHSA-2026:2514",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2514"
        },
        {
          "name": "RHSA-2026:2528",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2528"
        },
        {
          "name": "RHSA-2026:2529",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2529"
        },
        {
          "name": "RHSA-2026:2628",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2628"
        },
        {
          "name": "RHSA-2026:2844",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:2844"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-1761"
        },
        {
          "name": "RHBZ#2435961",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435961"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/493"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-02T12:51:56.172Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-02-02T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: stack-based buffer overflow in libsoup multipart response parsingmultipart http response",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this issue, applications utilizing libsoup that process HTTP responses should be configured to only communicate with trusted endpoints. Implement network egress filtering to restrict vulnerable applications from connecting to untrusted external services, thereby reducing the exposure to specially crafted multipart HTTP responses."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-121: Stack-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-1761",
    "datePublished": "2026-02-02T14:01:03.802Z",
    "dateReserved": "2026-02-02T12:54:30.233Z",
    "dateUpdated": "2026-03-19T14:40:01.829Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-2443 (GCVE-0-2026-2443)

Vulnerability from cvelistv5 – Published: 2026-02-13 11:58 – Updated: 2026-02-13 12:43

Title

Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure

Summary

A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-125 - Out-of-bounds Read

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2026-2443	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2439671	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat Enterprise Linux 10

cpe:/o:redhat:enterprise_linux:10

	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
	Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
	Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
	Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2026-02-13 00:00

Credits

Red Hat would like to thank Codean Labs for reporting this issue.

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2443",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-13T12:40:40.304156Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-13T12:43:36.389Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Codean Labs for reporting this issue."
        }
      ],
      "datePublic": "2026-02-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-13T11:58:20.313Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-2443"
        },
        {
          "name": "RHBZ#2439671",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439671"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-13T11:26:59.154Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-02-13T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-2443",
    "datePublished": "2026-02-13T11:58:20.313Z",
    "dateReserved": "2026-02-13T04:32:46.051Z",
    "dateUpdated": "2026-02-13T12:43:36.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-2369 (GCVE-0-2026-2369)

Vulnerability from cvelistv5 – Published: 2026-03-19 14:20 – Updated: 2026-03-19 14:42

Title

Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources

Summary

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

CWE

CWE-191 - Integer Underflow (Wrap or Wraparound)

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2026-2369	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2439091	issue-trackingx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/libsoup/-/issues/498

Impacted products

Vendor

Product

Version

Red Hat Enterprise Linux 10

cpe:/o:redhat:enterprise_linux:10

	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
	Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
	Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
	Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2026-02-11 11:11

Credits

Red Hat would like to thank Eric Su and Samuel Dainard for reporting this issue.

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2369",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-19T14:42:24.811774Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-19T14:42:31.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Eric Su and Samuel Dainard for reporting this issue."
        }
      ],
      "datePublic": "2026-02-11T11:11:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "Integer Underflow (Wrap or Wraparound)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-19T14:20:27.489Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-2369"
        },
        {
          "name": "RHBZ#2439091",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439091"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/498"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-11T20:20:56.369Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-02-11T11:11:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-191: Integer Underflow (Wrap or Wraparound)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-2369",
    "datePublished": "2026-03-19T14:20:27.489Z",
    "dateReserved": "2026-02-11T20:31:34.894Z",
    "dateUpdated": "2026-03-19T14:42:31.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1539 (GCVE-0-2026-1539)

Vulnerability from cvelistv5 – Published: 2026-01-28 15:15 – Updated: 2026-03-19 14:16

Title

Libsoup: libsoup: credential leakage via http redirects

Summary

A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different host. As a result, sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP communication may unintentionally expose proxy authentication data.

Severity ?

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CWE

CWE-201 - Insertion of Sensitive Information Into Sent Data

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2026-1539	vdb-entryx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/libsoup/-/issues/489

Impacted products

Vendor

Product

Version

Red Hat Enterprise Linux 10

cpe:/o:redhat:enterprise_linux:10

	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
	Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
	Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
	Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2026-01-28 00:00

Credits

Red Hat would like to thank Codean Labs for reporting this issue.

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1539",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-28T16:09:01.060307Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-28T16:09:13.485Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Codean Labs for reporting this issue."
        }
      ],
      "datePublic": "2026-01-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different host. As a result, sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP communication may unintentionally expose proxy authentication data."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-201",
              "description": "Insertion of Sensitive Information Into Sent Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-19T14:16:42.026Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-1539"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/489"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-01-28T13:41:13.574Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-01-28T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: libsoup: credential leakage via http redirects",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-201: Insertion of Sensitive Information Into Sent Data"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-1539",
    "datePublished": "2026-01-28T15:15:48.725Z",
    "dateReserved": "2026-01-28T14:27:02.614Z",
    "dateUpdated": "2026-03-19T14:16:42.026Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-32049 (GCVE-0-2025-32049)

Vulnerability from cvelistv5 – Published: 2025-04-03 13:36 – Updated: 2025-11-18 08:36

Title

Libsoup: denial of service attack to websocket server

Summary

A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:21657	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8126	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8128	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8132	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8139	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8140	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8252	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8480	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8481	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8482	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:8663	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9179	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-32049	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2357066	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Affected: 0 , ≤ 3.6.4 (semver)

	Red Hat	Red Hat Enterprise Linux 10	Unaffected: 0:3.6.5-3.el10_0.6 , < * (rpm) cpe:/o:redhat:enterprise_linux:10.0
	Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:2.62.2-9.el7_9 , < * (rpm) cpe:/o:redhat:rhel_els:7
	Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:2.62.2-6.el7_9 , < * (rpm) cpe:/o:redhat:rhel_els:7
	Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:2.62.3-9.el8_10 , < * (rpm) cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream
	Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:2.62.3-9.el8_10 , < * (rpm) cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream
	Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:2.62.3-1.el8_2.5 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/o:redhat:rhel_aus:8.2::baseos
	Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:2.62.3-2.el8_4.5 , < * (rpm) cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/a:redhat:rhel_aus:8.4::appstream
	Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:2.62.3-2.el8_6.5 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_tus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/o:redhat:rhel_aus:8.6::baseos
	Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:2.62.3-2.el8_6.5 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_tus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/o:redhat:rhel_aus:8.6::baseos
	Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:2.62.3-2.el8_6.5 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/o:redhat:rhel_tus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/o:redhat:rhel_aus:8.6::baseos
	Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 0:2.62.3-3.el8_8.5 , < * (rpm) cpe:/o:redhat:rhel_eus:8.8::baseos cpe:/a:redhat:rhel_eus:8.8::appstream
	Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:2.72.0-10.el9_6.2 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
	Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:2.72.0-8.el9_0.5 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
	Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:2.72.0-8.el9_2.5 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream
	Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:2.72.0-8.el9_4.5 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Date Public ?

2025-04-03 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32049",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T14:58:16.040953Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T14:58:32.619Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThanOrEqual": "3.6.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-9.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-18T08:36:53.872Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:21657",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:21657"
        },
        {
          "name": "RHSA-2025:8126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8126"
        },
        {
          "name": "RHSA-2025:8128",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8128"
        },
        {
          "name": "RHSA-2025:8132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8132"
        },
        {
          "name": "RHSA-2025:8139",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8139"
        },
        {
          "name": "RHSA-2025:8140",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8140"
        },
        {
          "name": "RHSA-2025:8252",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8252"
        },
        {
          "name": "RHSA-2025:8480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8480"
        },
        {
          "name": "RHSA-2025:8481",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8481"
        },
        {
          "name": "RHSA-2025:8482",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8482"
        },
        {
          "name": "RHSA-2025:8663",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8663"
        },
        {
          "name": "RHSA-2025:9179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9179"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32049"
        },
        {
          "name": "RHBZ#2357066",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357066"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-03T01:16:46.830Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-03T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: denial of service attack to websocket server",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-770: Allocation of Resources Without Limits or Throttling"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32049",
    "datePublished": "2025-04-03T13:36:13.035Z",
    "dateReserved": "2025-04-03T01:42:14.134Z",
    "dateUpdated": "2025-11-18T08:36:53.872Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1536 (GCVE-0-2026-1536)

Vulnerability from cvelistv5 – Published: 2026-01-28 15:15 – Updated: 2026-03-19 14:10

Title

Libsoup: libsoup: http header injection or response splitting via crlf injection in content-disposition header

Summary

A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP headers to be injected. This vulnerability can lead to HTTP header injection or HTTP response splitting without requiring authentication or user interaction.

Severity ?

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2026-1536	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2433834	issue-trackingx_refsource_REDHAT
	https://gitlab.gnome.org/GNOME/libsoup/-/issues/486

Impacted products

Vendor

Product

Version

Red Hat Enterprise Linux 10

cpe:/o:redhat:enterprise_linux:10

	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
	Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
	Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
	Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2026-01-28 00:00

Credits

Red Hat would like to thank Codean Labs for reporting this issue.

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1536",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-28T16:10:03.699999Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-28T16:10:16.291Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Codean Labs for reporting this issue."
        }
      ],
      "datePublic": "2026-01-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP headers to be injected. This vulnerability can lead to HTTP header injection or HTTP response splitting without requiring authentication or user interaction."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-93",
              "description": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-19T14:10:14.744Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-1536"
        },
        {
          "name": "RHBZ#2433834",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433834"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/486"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-01-28T13:49:20.976Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-01-28T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: libsoup: http header injection or response splitting via crlf injection in content-disposition header",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-1536",
    "datePublished": "2026-01-28T15:15:46.708Z",
    "dateReserved": "2026-01-28T13:49:51.550Z",
    "dateUpdated": "2026-03-19T14:10:14.744Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.