GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header. CREATE(Triage):(User=admin) CVE-2024-52530 (https://nvd.nist.gov/vuln/detail/CVE-2024-52530)
