Security Advisory

CVE-2025-46421

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-24 13:01:24

Last updated 2026-06-30 03:06:47

Assigner redhat

State PUBLISHED

Description

A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.

← Browse all CVEs View on cve.org ↗