CVE-2025-14523
BaseFortify

Publication date: 2025-12-11

Last updated on: 2026-03-19

Assigner: Red Hat, Inc.

Description
A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers.
Meta Information
Generated: 2026-06-16
AI Q&A: 2025-12-11
EPSS Evaluated: 2026-06-15
NVD
Affected Vendors & Products (1 associated CPE)
Vendor | Product | Version / Range
gnome  | libsoup | 3.1
CWE ID  | Description
CWE-444 | The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.
AI Quick Actions
Detection Guidance

This vulnerability can be detected by monitoring HTTP requests for multiple Host headers in the same request. You can capture and inspect HTTP traffic using tools like tcpdump or Wireshark to identify requests containing duplicate Host headers. For example, using tcpdump: tcpdump -A -s 0 'tcp port 80 or tcp port 443' | grep -i 'Host:'. Then manually check if multiple Host headers appear in a single request. Additionally, custom scripts or intrusion detection systems (IDS) rules can be created to alert on duplicate Host headers in HTTP requests. [1]
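The check described above, written out as an added example in Python (this is illustrative code, not libsoup's parser and not code from the BaseFortify page): it parses a raw HTTP/1.x request head, counts Host headers, records the first value (what a front proxy would route on) next to the last value (what libsoup would process), and returns a rejection reason that a WAF or IDS rule could act on, which is the "reject" option the Mitigation Strategies section recommends. Obsolete line folding is rejected as well, since a folded continuation line is another way a second host value can be hidden. The sample requests and host names are constructed placeholders.

```python
# Added example for CVE-2025-14523: detect and reject HTTP/1.x requests that
# carry more than one Host header. Illustrative code only, not libsoup's
# parser and not taken from the BaseFortify page. Sample requests and host
# names below are constructed.

CRLF = b"\r\n"


def parse_request_head(raw):
    """Split a raw request head into (request_line, [(name, value), ...]).

    Header names are lower-cased for comparison. Obsolete line folding
    (a continuation line starting with space or tab) is rejected outright.
    """
    head = raw.split(CRLF + CRLF, 1)[0]
    lines = head.split(CRLF)
    if not lines or not lines[0]:
        raise ValueError("empty request line")
    request_line = lines[0].decode("latin-1")
    headers = []
    for line in lines[1:]:
        if not line:
            continue
        if line[:1] in (b" ", b"\t"):
            raise ValueError("obsolete line folding not allowed")
        name, sep, value = line.partition(b":")
        if not sep or not name.strip():
            raise ValueError("malformed header line: %r" % line)
        headers.append((name.decode("latin-1").strip().lower(),
                        value.decode("latin-1").strip()))
    return request_line, headers


def audit_host_headers(raw):
    """Summarise the Host headers as a first-header proxy and a last-header
    backend (libsoup) would each see them, so the disagreement is visible."""
    request_line, headers = parse_request_head(raw)
    hosts = [value for name, value in headers if name == "host"]
    distinct = {h.lower() for h in hosts}
    return {
        "request_line": request_line,
        "host_count": len(hosts),
        "proxy_view": hosts[0] if hosts else None,     # first occurrence
        "backend_view": hosts[-1] if hosts else None,  # last occurrence
        "mismatch": len(distinct) > 1,
    }


def rejection_reason(raw):
    """Return None if the request is acceptable, otherwise a short reason.

    Policy: exactly one Host header. Two identical Host headers are still
    rejected, because accepting them keeps the parser discrepancy alive.
    """
    try:
        report = audit_host_headers(raw)
    except ValueError as exc:
        return "malformed request head: %s" % exc
    if report["host_count"] == 0:
        return "missing Host header"
    if report["host_count"] > 1:
        return "duplicate Host header (%d occurrences)" % report["host_count"]
    return None


# Constructed sample requests (host names are placeholders, not real targets).
CLEAN_REQUEST = (b"GET /status HTTP/1.1" + CRLF +
                 b"Host: app.example" + CRLF +
                 b"User-Agent: probe/1.0" + CRLF + CRLF)

DUPLICATE_HOST_REQUEST = (b"GET /status HTTP/1.1" + CRLF +
                          b"Host: app.example" + CRLF +
                          b"Host: other.example" + CRLF + CRLF)

FOLDED_REQUEST = (b"GET /status HTTP/1.1" + CRLF +
                  b"Host: app.example" + CRLF +
                  b" other.example" + CRLF + CRLF)


if __name__ == "__main__":
    for label, req in [("clean", CLEAN_REQUEST),
                       ("duplicate", DUPLICATE_HOST_REQUEST),
                       ("folded", FOLDED_REQUEST)]:
        print(label, "->", rejection_reason(req) or "accept")
```

The tcpdump-plus-grep pipeline in the guidance above loses request boundaries, so feeding captured request heads through `audit_host_headers` is the quicker way to tell a repeated header in one request from the same header in consecutive requests; the `mismatch` field singles out the cases where proxy and backend would actually route differently.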

Executive Summary

This vulnerability is a flaw in libsoup's HTTP header handling that allows multiple Host headers in a single request. The server processes the last Host header, while common front proxies use the first one. This mismatch can cause confusion about which virtual host the request is intended for, enabling attacks like request smuggling, cache poisoning, or bypassing host-based access controls by supplying duplicate Host headers.

Impact Analysis

The vulnerability can lead to security issues such as request smuggling attacks, cache poisoning, and bypassing host-based access controls. This means an attacker could manipulate requests to access unauthorized backend services, poison caches to serve malicious content, or circumvent restrictions based on host headers, potentially compromising the integrity and security of your web services.

Mitigation Strategies

Immediate mitigation steps include updating libsoup to a version where this vulnerability is fixed, if available. As a temporary workaround, configure front-end proxies or web application firewalls (WAFs) to reject or normalize HTTP requests containing multiple Host headers to prevent host header confusion. Also, review and tighten host-based access control lists (ACLs) and caching policies to reduce the risk of bypass or cache poisoning due to this issue. [1]

Compliance Impact

The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
