Lucene search
K

939 matches found

RedHat Linux
RedHat Linux
added 2026/01/29 11:28 a.m.17 views

libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)

A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...

8.2CVSS5.8AI score0.00496EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/29 11:17 a.m.12 views

libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)

A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...

8.2CVSS5.8AI score0.00496EPSS
Exploits0References5
OSV
OSV
added 2026/01/21 10:27 p.m.7 views

GHSA-95C6-P277-P87G FastAPI Api Key has a timing side-channel in verify_key that allows statistical key validity detection

Impact Timing side-channel vulnerability in verifykey. The method applied a random delay only on verification failures, allowing an attacker to statistically distinguish valid from invalid API keys by measuring response latencies. With enough repeated requests, an adversary could infer whether a...

3.7CVSS5.6AI score0.00254EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/21 5:40 a.m.13 views

libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)

A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...

8.2CVSS5.8AI score0.00496EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/21 5:26 a.m.8 views

libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)

A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...

8.2CVSS5.8AI score0.00496EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.3 views

RHEL 8 : libsoup (RHSA-2026:0909)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0909 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes...

8.2CVSS5.6AI score0.00496EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.2 views

RHEL 9 : libsoup (RHSA-2026:0906)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0906 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes...

8.2CVSS5.6AI score0.00496EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/01/20 3:37 p.m.7 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

8.2CVSS5.8AI score0.00496EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/01/20 3:33 p.m.8 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS5.8AI score0.00496EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/01/20 6:18 a.m.4 views

libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)

A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...

8.2CVSS5.8AI score0.00496EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

RockyLinux 10 : libsoup3 (RLSA-2026:0423)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0423 advisory. libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 Tenable has extracted the preceding...

8.2CVSS5.4AI score0.00496EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/01/14 9:8 a.m.6 views

libsoup security update

An update is available for libsoup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsoup packages provide an HTTP client and server library for GNOME...

8.2CVSS6.9AI score0.00496EPSS
Exploits0
OSV
OSV
added 2026/01/14 9:8 a.m.4 views

RLSA-2026:0421 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score,...

8.2CVSS6.8AI score0.00496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

MiracleLinux 8 : libsoup-2.62.3-11.el8_10 (AXSA:2026-026:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-026:01 advisory. libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 Tenable has extracted the preceding...

8.2CVSS5.4AI score0.00496EPSS
Exploits0References2
OSV
OSV
added 2026/01/12 12:0 a.m.4 views

ALSA-2026:0423 Important: libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

8.2CVSS5.5AI score0.00496EPSS
Exploits0References4
OSV
OSV
added 2026/01/12 12:0 a.m.5 views

ALSA-2026:0422 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score,...

8.2CVSS5.4AI score0.00496EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/01/12 12:0 a.m.4 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score,...

8.2CVSS5.5AI score0.00496EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/01/12 12:0 a.m.5 views

Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy First- vs Last-Value Wins CVE-2025-14523 For more details about the security issues, including the impact, a CVSS score,...

8.2CVSS5.5AI score0.00496EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 12:17 p.m.8 views

CVE-2018-10949

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors...

5.3CVSS6.8AI score0.02446EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:27 a.m.8 views

CVE-2021-33149

Observable behavioral discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...

5.5CVSS6.2AI score0.00242EPSS
Exploits0References1
Rows per page
Query Builder