Home

Description

A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. This header ensures that responses vary appropriately based on request headers such as language or authentication. Without this check, cached content can be incorrectly reused across different requests, potentially exposing sensitive user information. While the issue is unlikely to affect everyday desktop use, it could result in confidentiality breaches in proxy or multi-user environments.

PUBLISHED Reserved 2025-09-03 | Published 2025-09-03 | Updated 2025-09-03 | Assigner redhat




MEDIUM: 5.9CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

Use of Cache Containing Sensitive Information

Product status

Default status
affected

Default status
unknown

Default status
affected

Default status
affected

Default status
affected

Timeline

2025-09-03:Reported to Red Hat.
2025-09-03:Made public.

Credits

Red Hat would like to thank zkbytes for reporting this issue.

References

access.redhat.com/security/cve/CVE-2025-9901 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2392790 (RHBZ#2392790) issue-tracking

cve.org (CVE-2025-9901)

nvd.nist.gov (CVE-2025-9901)

Download JSON