Количество 9
Количество 9
CVE-2026-2708
[libsoup: HTTP/1 request smuggling primitives accepted (CL.CL and TE+CL) in soup_headers_parse()]
CVE-2026-2708
A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate or conflicting Content-Length fields. This allows an attacker to send HTTP requests containing multiple Content-Length headers with differing values.
CVE-2026-2708
[libsoup: HTTP/1 request smuggling primitives accepted (CL.CL and TE+CL) in soup_headers_parse()]
SUSE-SU-2026:0690-1
Security update for libsoup
SUSE-SU-2026:0689-1
Security update for libsoup
SUSE-SU-2026:0657-1
Security update for libsoup2
SUSE-SU-2026:0703-1
Security update for libsoup
SUSE-SU-2026:0834-1
Security update for libsoup2
openSUSE-SU-2026:20354-1
Security update for libsoup2
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-2708 [libsoup: HTTP/1 request smuggling primitives accepted (CL.CL and TE+CL) in soup_headers_parse()] | около 1 месяца назад | ||
 | CVE-2026-2708 A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate or conflicting Content-Length fields. This allows an attacker to send HTTP requests containing multiple Content-Length headers with differing values. | CVSS3: 3.7 | около 1 месяца назад | |
| CVE-2026-2708 [libsoup: HTTP/1 request smuggling primitives accepted (CL.CL and TE+CL) in soup_headers_parse()] | - | ||
 | SUSE-SU-2026:0690-1 Security update for libsoup | 29 дней назад | ||
| SUSE-SU-2026:0689-1 Security update for libsoup | 29 дней назад | ||
| SUSE-SU-2026:0657-1 Security update for libsoup2 | 30 дней назад | ||
| SUSE-SU-2026:0703-1 Security update for libsoup | 28 дней назад | ||
| SUSE-SU-2026:0834-1 Security update for libsoup2 | 23 дня назад | ||
| openSUSE-SU-2026:20354-1 Security update for libsoup2 | 15 дней назад |
Уязвимостей на страницу