CLSA-2026-1777035141 libsoup: Fix of CVE-2026-5119

CVE-2026-5119: do not send cookies to a HTTP proxy for a HTTPS request...

OESA-2026-2030 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in libsoup. When establishing HTTPS tunnels through a configur...

CLSA-2026-1777035524 libsoup: Fix of CVE-2026-5119

CVE-2026-5119: do not send cookies to a HTTP proxy for a HTTPS request...

Linux Distros Unpatched Vulnerability : CVE-2026-5119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the...

CLSA-2026-1776681849 libsoup: Fix of CVE-2026-5119

CVE-2026-5119: fix cleartext transmission of cookies to HTTP proxy in tunnelconnect CONNECT request for HTTPS targets...

flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header

A flaw was found in the Python Flask package. A cached response may contain data for one client sent by a proxy to other clients, including session cookies, resulting in the compromise of data confidentiality contained in the leak requests or cookies. This happens when the following conditions ar...

hawtio: Proxy is sharing cookies among all the clients

It was discovered that the hawtio servlet uses a single HttpClient instance to proxy requests with a persistent cookie store cookies are stored locally and are not passed between the client and the end URL which means all clients using that proxy are sharing the same cookies...