Description
A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential session hijacking or user impersonation.
Problem types
Cleartext Transmission of Sensitive Information
Product status
0:3.6.5-3.el10_1.11 (rpm) before *
0:3.6.5-3.el10_2.11 (rpm) before *
0:3.6.5-3.el10_0.15 (rpm) before *
0:2.62.3-14.el8_10 (rpm) before *
0:2.62.3-14.el8_10 (rpm) before *
0:2.62.3-2.el8_4.9 (rpm) before *
0:2.62.3-2.el8_4.9 (rpm) before *
0:2.62.3-3.el8_8.9 (rpm) before *
0:2.62.3-3.el8_8.9 (rpm) before *
0:2.72.0-12.el9_7.6 (rpm) before *
0:2.72.0-16.el9_8.1 (rpm) before *
0:2.72.0-8.el9_0.10 (rpm) before *
0:2.72.0-8.el9_2.11 (rpm) before *
0:2.72.0-8.el9_4.10 (rpm) before *
0:2.72.0-10.el9_6.7 (rpm) before *
Timeline
| 2026-03-30: | Reported to Red Hat. |
| 2026-03-30: | Made public. |
Credits
Red Hat would like to thank Kona Arctic for reporting this issue.
References
access.redhat.com/errata/RHSA-2026:13978 (RHSA-2026:13978)
access.redhat.com/errata/RHSA-2026:14087 (RHSA-2026:14087)
access.redhat.com/errata/RHSA-2026:15968 (RHSA-2026:15968)
access.redhat.com/errata/RHSA-2026:17482 (RHSA-2026:17482)
access.redhat.com/errata/RHSA-2026:19143 (RHSA-2026:19143)
access.redhat.com/errata/RHSA-2026:19356 (RHSA-2026:19356)
access.redhat.com/errata/RHSA-2026:21686 (RHSA-2026:21686)
access.redhat.com/errata/RHSA-2026:22316 (RHSA-2026:22316)
access.redhat.com/errata/RHSA-2026:22317 (RHSA-2026:22317)
access.redhat.com/errata/RHSA-2026:22323 (RHSA-2026:22323)
access.redhat.com/errata/RHSA-2026:22710 (RHSA-2026:22710)
access.redhat.com/errata/RHSA-2026:22716 (RHSA-2026:22716)
access.redhat.com/security/cve/CVE-2026-5119
bugzilla.redhat.com/show_bug.cgi?id=2452932 (RHBZ#2452932)
gitlab.gnome.org/GNOME/libsoup/-/issues/502