CNNVD-202601-4577 Information

CNNVD ID

CNNVD-202601-4577

Related CVE

CVE-2026-1467

• CNNVD Published: 2026-01-27

Description (Chinese)

libsoup是GNOME项目的一款GNOME的HTTP客户端/服务器库。 libsoup存在注入漏洞，该漏洞源于配置HTTP代理时处理URL解码输入不当，可能导致CRLF注入攻击。

Description (English)

Libsoup is the HTTP client/server library of the GNOME project. Libsoup has an injection loophole, which stems from the inappropriate handling of URL decoded input when configured with HTTP agents, which could lead to an attack by CRLF.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

GNOME

Published

2026-01-27

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2026-1467 https://bugzilla.redhat.com/show_bug.cgi?id=2433174

Patch

https://gitlab.gnome.org/GNOME/libsoup