CVE-2026-2708

high

Description

Debian Linux - libsoup2.4 - None libsoup3 - None Red Hat Enterprise Linux - libsoup: libsoup: HTTP Request Smuggling via Duplicate Content-Length Headers Ubuntu Linux - [libsoup: HTTP/1 request smuggling primitives accepted (CL.CL and TE+CL) in soup_headers_parse()]

Details

Source: Mitre, NVD

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:C/A:N

Severity: High

CVSS v3

Base Score: 8.2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N