Wind River Support Network

HomeDefectsLIN1021-15304
Fixed

LIN1021-15304 : Security Advisory - libsoup&libsoup-2.4 - CVE-2025-46421

Created: Apr 24, 2025    Updated: Nov 27, 2025
Resolved Date: Nov 27, 2025
Found In Version: 10.21.20.1
Fix Version: 10.21.20.26
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.

CREATE(Triage):(User=admin) CVE-2025-46421 (https://nvd.nist.gov/vuln/detail/CVE-2025-46421)

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube