CVE-2025-46421 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redire…
Medium CVSS: 6.8

CVE-2025-46421

A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.
Vendor
-
Product
-
CWE
CWE-497
Yayın Tarihi
2025-04-24 13:15:45
Güncelleme
2025-07-28 13:15:30
Source Identifier
secalert@redhat.com
KEV Date Added
-

Kategoriler

CWE-497 MEDIUM 2025

Referanslar

https://access.redhat.com/errata/RHSA-2025:4439 https://access.redhat.com/errata/RHSA-2025:4440 https://access.redhat.com/errata/RHSA-2025:4508 https://access.redhat.com/errata/RHSA-2025:4538 https://access.redhat.com/errata/RHSA-2025:4560 https://access.redhat.com/errata/RHSA-2025:4568 https://access.redhat.com/errata/RHSA-2025:4609 https://access.redhat.com/errata/RHSA-2025:4624 https://access.redhat.com/errata/RHSA-2025:7436 https://access.redhat.com/errata/RHSA-2025:7505 https://access.redhat.com/security/cve/CVE-2025-46421 https://bugzilla.redhat.com/show_bug.cgi?id=2361962 https://gitlab.gnome.org/GNOME/libsoup/-/issues/439