2 matches found
RHEL 8 : spice-client-win (RHSA-2026:1572)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1572 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy Firs...
CVE-2025-14523
A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...