NIXPKGS-2026-0177

GitHub issue published on

Permalink CVE-2026-1467

6.1 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): NONE

updated 2 months ago by @LeSuisse Activity log

Created automatic suggestion 2 months, 1 week ago
@LeSuisse removed package tests.pkg-config.defaultPkgConfigPackages."libsoup-gnome-2.4" 2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

Libsoup: libsoup: http header injection via specially crafted urls when an http proxy is configured

A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.

References

https://access.redhat.com/security/cve/CVE-2026-1467 x_refsource_REDHATvdb-entry
RHBZ#2433174 issue-trackingx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2026-1467 x_refsource_REDHATvdb-entry
RHBZ#2433174 issue-trackingx_refsource_REDHAT

Affected products

libsoup

libsoup3

Matching in nixpkgs

pkgs.libsoup_3

HTTP client/server library for GNOME

nixos-unstable 3.6.5
- nixpkgs-unstable 3.6.5
- nixos-unstable-small 3.6.5

pkgs.libsoup_2_4