Threat Intel

v0.1

← CVEs

CVE-2026-3633

LOW 3.9
Published
2026-03-17
Last Modified
2026-03-19
Affected Apps
15
Affected Devices
40
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, occurs because the method value is not properly escaped during request line construction, potentially leading to HTTP request injection.
Affected Applications in Environment 15
libsoup v2.72.0-10.el9_6.2
22 devices
libsoup v2.72.0-10.el9_6.2
1 device
libsoup v2.72.0-12.el9_7.5
2 devices
libsoup v2.62.3-7.el8_10
1 device
libsoup v2.72.0-12.el9_7.3
1 device
libsoup v2.62.3-3.el8
2 devices
libsoup v2.72.0-12.el9_7.1
3 devices
libsoup v2.62.3-7.el8_10
1 device
libsoup v2.62.3-10.el8_10
1 device
libsoup v2.62.3-10.el8_10
1 device
libsoup v2.72.0-10.el9_6.3
1 device
libsoup v2.62.2-2.el7
1 device
libsoup v2.62.3-13.el8_10
1 device
libsoup v2.62.3-11.el8_10
1 device
libsoup v2.72.0-12.el9_7.5
1 device
Affected Devices 40
chela03 Linux chela04 Linux chela05 Linux devjobsub.banner.usu.edu Linux dpapsb-161390.aggies.usu.edu Linux dpapsb-191594.mypc.usu.edu Linux el103-02.ece.usu.edu Linux el103-03.ece.usu.edu Linux el103-04.ece.usu.edu Linux el103-05.ece.usu.edu Linux el103-07.ece.usu.edu Linux el103-08.ece.usu.edu Linux el103-09.ece.usu.edu Linux el103-10.ece.usu.edu Linux el103-14.ece.usu.edu Linux el103-15.ece.usu.edu Linux el103-16.ece.usu.edu Linux el103-17.ece.usu.edu Linux el103-18.ece.usu.edu Linux el103-19.ece.usu.edu Linux el103-20.ece.usu.edu Linux el120-01.ece.usu.edu Linux el120-02.ece.usu.edu Linux el120-03.ece.usu.edu Linux el120-04.ece.usu.edu Linux el120-05.ece.usu.edu Linux el120-06.ece.usu.edu Linux el120-08.ece.usu.edu Linux el120-09.ece.usu.edu Linux el120-10.ece.usu.edu Linux el120-11.ece.usu.edu Linux el120-12.ece.usu.edu Linux el120-14.ece.usu.edu Linux eprocdev.banner.usu.edu Linux facreadyprod.pplant.usu.edu Linux facreadytestrhel.pplant.usu.edu Linux facshibsp2.pplant.usu.edu Linux guru.cluster Linux oms.db.usu.edu Linux paymentworksdev.banner.usu.edu Linux
References 3