{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T05:03:28.924","vulnerabilities":[{"cve":{"id":"CVE-2025-46421","sourceIdentifier":"secalert@redhat.com","published":"2025-04-24T13:15:45.703","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect."},{"lang":"es","value":"Se detectó una falla en libsoup. Cuando los clientes de libsoup se encuentran con una redirección HTTP, envían por error el encabezado de autorización HTTP al nuevo host al que apunta la redirección. Esto permite que el nuevo host suplante al usuario ante el host original que emitió la redirección."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.2}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-497"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:4439","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4440","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4508","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4538","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4560","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4568","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4609","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4624","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7436","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7505","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-46421","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2361962","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/439","source":"secalert@redhat.com"}]}}]}