
Description

A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.
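A defensive check for the failure mode described above, as an added example (not libsoup's code or its fix): percent-decode the host component first, then refuse any decoded byte that could end or split a header line. The function name `decode_host_checked` and the policy of rejecting every control byte and space are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stddef.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hex_val(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = (char)tolower((unsigned char)c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/*
 * Percent-decode the URL host component `host` into `out`, rejecting it if
 * the decoded form holds any byte that is unsafe inside a Host header.
 * Returns 0 on success, -1 if the host must not be used.
 * (Hypothetical helper for illustration; not a libsoup API.)
 */
int decode_host_checked(const char *host, char *out, size_t out_len)
{
    size_t n = 0;

    for (size_t i = 0; host[i] != '\0'; i++) {
        unsigned char c = (unsigned char)host[i];

        if (c == '%') {
            int hi = hex_val(host[i + 1]);
            int lo = hi < 0 ? -1 : hex_val(host[i + 2]);
            if (lo < 0)
                return -1;              /* malformed or truncated escape */
            c = (unsigned char)(hi * 16 + lo);
            i += 2;
        }
        /* Validate AFTER decoding: an encoded CR or LF only turns into a
         * line terminator at this point, so a pre-decode check misses it. */
        if (c < 0x21 || c == 0x7f)
            return -1;                  /* control byte (incl. CR/LF) or space */
        if (n + 1 >= out_len)
            return -1;                  /* decoded host would not fit */
        out[n++] = (char)c;
    }
    if (n == 0)
        return -1;                      /* empty host */
    out[n] = '\0';
    return 0;
}
```
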

PUBLISHED Reserved 2026-01-27 | Published 2026-01-27 | Updated 2026-01-28 | Assigner redhat




MEDIUM: 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Problem types

Improper Neutralization of CRLF Sequences ('CRLF Injection')

Product status

Default status
affected


Timeline

2026-01-27: Reported to Red Hat.
2026-01-27: Made public.

Credits

Red Hat would like to thank Codean Labs for reporting this issue.

References

access.redhat.com/security/cve/CVE-2026-1467 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2433174 (RHBZ#2433174) issue-tracking

cve.org (CVE-2026-1467)

nvd.nist.gov (CVE-2026-1467)
