Количество 6
Количество 6
CVE-2026-3634
CRLF injection in soup_message_headers_set_content_type()
CVE-2026-3634
A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks.
CVE-2026-3634
A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks.
CVE-2026-3634
Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header
CVE-2026-3634
A flaw was found in libsoup. An attacker controlling the value used to ...
GHSA-jx6g-363c-pprr
A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-3634 CRLF injection in soup_message_headers_set_content_type() | CVSS3: 3.9 | 0% Низкий | 18 дней назад |
 | CVE-2026-3634 A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks. | CVSS3: 3.9 | 0% Низкий | 21 день назад |
 | CVE-2026-3634 A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks. | CVSS3: 3.9 | 0% Низкий | 9 дней назад |
 | CVE-2026-3634 Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header | 0% Низкий | 6 дней назад | |
| CVE-2026-3634 A flaw was found in libsoup. An attacker controlling the value used to ... | CVSS3: 3.9 | 0% Низкий | 9 дней назад |
| GHSA-jx6g-363c-pprr A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks. | CVSS3: 3.9 | 0% Низкий | 9 дней назад |
Уязвимостей на страницу