2 matches found
libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)
A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...
PT-2026-44752
Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description An unsigned to signed conversion error exists in the soup body input stream read chunked function. A remote attacker can exploit this by sending a malicious HTTP request when libsoup is used...