Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-nbx2-3qh6-tqa3

Summary libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)

Aliases

alias	CVE-2025-14523

Fixed_packages

url	pkg:deb/debian/libsoup3@3.6.5-7?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.5-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-7%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
purl	pkg:deb/debian/libsoup3@3.6.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1%3Fdistro=trixie

url	pkg:deb/debian/libsoup3@3.6.6-1
purl	pkg:deb/debian/libsoup3@3.6.6-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.6-1

Affected_packages

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2

url pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libsoup3@3.2.3-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-4scr-ppqy-5ugf

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-7hhg-3u9v-nqfw

vulnerability	VCID-9uua-rxjd-fkf6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-rd74-1427-eybf

vulnerability	VCID-sabm-gujq-j3fb

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-v11f-c1ed-j7d1

vulnerability	VCID-vsry-jr8n-zba8

vulnerability	VCID-yx68-81fu-ffar

vulnerability	VCID-zhp7-2ks9-m7es

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.2.3-0%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

purl pkg:deb/debian/libsoup3@3.6.5-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3%3Fdistro=trixie

url pkg:deb/debian/libsoup3@3.6.5-3

purl pkg:deb/debian/libsoup3@3.6.5-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1vz1-x5py-dkg5

vulnerability	VCID-3zqd-pcvp-a7ed

vulnerability	VCID-6sbg-fgfs-43b6

vulnerability	VCID-cjwc-3fs8-17ef

vulnerability	VCID-dnrq-3tff-nfc3

vulnerability	VCID-ka6q-xta6-ukdp

vulnerability	VCID-mxjn-d8v7-8ubc

vulnerability	VCID-nbx2-3qh6-tqa3

vulnerability	VCID-nu2x-tpra-4few

vulnerability	VCID-sccj-juvj-5ud5

vulnerability	VCID-tpky-j79x-pqd4

vulnerability	VCID-vsry-jr8n-zba8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libsoup3@3.6.5-3

url pkg:rpm/redhat/libsoup@2.62.2-10?arch=el7_9

purl pkg:rpm/redhat/libsoup@2.62.2-10?arch=el7_9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.2-10%3Farch=el7_9

url pkg:rpm/redhat/libsoup@2.62.3-1.el8_2?arch=7

purl pkg:rpm/redhat/libsoup@2.62.3-1.el8_2?arch=7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-1.el8_2%3Farch=7

url pkg:rpm/redhat/libsoup@2.62.3-2.el8_4?arch=7

purl pkg:rpm/redhat/libsoup@2.62.3-2.el8_4?arch=7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-2.el8_4%3Farch=7

url pkg:rpm/redhat/libsoup@2.62.3-2.el8_6?arch=7

purl pkg:rpm/redhat/libsoup@2.62.3-2.el8_6?arch=7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-2.el8_6%3Farch=7

url pkg:rpm/redhat/libsoup@2.62.3-3.el8_8?arch=7

purl pkg:rpm/redhat/libsoup@2.62.3-3.el8_8?arch=7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-3.el8_8%3Farch=7

url pkg:rpm/redhat/libsoup@2.62.3-11?arch=el8_10

purl pkg:rpm/redhat/libsoup@2.62.3-11?arch=el8_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.62.3-11%3Farch=el8_10

url pkg:rpm/redhat/libsoup@2.72.0-8.el9_0?arch=8

purl pkg:rpm/redhat/libsoup@2.72.0-8.el9_0?arch=8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_0%3Farch=8

url pkg:rpm/redhat/libsoup@2.72.0-8.el9_2?arch=8

purl pkg:rpm/redhat/libsoup@2.72.0-8.el9_2?arch=8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_2%3Farch=8

url pkg:rpm/redhat/libsoup@2.72.0-8.el9_4?arch=8

purl pkg:rpm/redhat/libsoup@2.72.0-8.el9_4?arch=8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-8.el9_4%3Farch=8

url pkg:rpm/redhat/libsoup@2.72.0-10.el9_6?arch=5

purl pkg:rpm/redhat/libsoup@2.72.0-10.el9_6?arch=5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-10.el9_6%3Farch=5

url pkg:rpm/redhat/libsoup@2.72.0-12.el9_7?arch=3

purl pkg:rpm/redhat/libsoup@2.72.0-12.el9_7?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup@2.72.0-12.el9_7%3Farch=3

url pkg:rpm/redhat/libsoup3@3.6.5-3.el10_0?arch=11

purl pkg:rpm/redhat/libsoup3@3.6.5-3.el10_0?arch=11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup3@3.6.5-3.el10_0%3Farch=11

url pkg:rpm/redhat/libsoup3@3.6.5-3.el10_1?arch=8

purl pkg:rpm/redhat/libsoup3@3.6.5-3.el10_1?arch=8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libsoup3@3.6.5-3.el10_1%3Farch=8

url pkg:rpm/redhat/spice-client-win@8.10-6.el8_2?arch=1

purl pkg:rpm/redhat/spice-client-win@8.10-6.el8_2?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_2%3Farch=1

url pkg:rpm/redhat/spice-client-win@8.10-6.el8_4?arch=1

purl pkg:rpm/redhat/spice-client-win@8.10-6.el8_4?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_4%3Farch=1

url pkg:rpm/redhat/spice-client-win@8.10-6.el8_6?arch=1

purl pkg:rpm/redhat/spice-client-win@8.10-6.el8_6?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_6%3Farch=1

url pkg:rpm/redhat/spice-client-win@8.10-6.el8_8?arch=1

purl pkg:rpm/redhat/spice-client-win@8.10-6.el8_8?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_8%3Farch=1

url pkg:rpm/redhat/spice-client-win@8.10-6.el8_10?arch=1

purl pkg:rpm/redhat/spice-client-win@8.10-6.el8_10?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-nbx2-3qh6-tqa3

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/spice-client-win@8.10-6.el8_10%3Farch=1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14523.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14523.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-14523

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04291
published_at	2026-04-02T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04312
published_at	2026-04-04T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04323
published_at	2026-04-07T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04355
published_at	2026-04-08T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04371
published_at	2026-04-09T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04364
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05571
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05607
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05558
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05729
published_at	2026-04-21T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05614
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-14523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14523

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122667
reference_id	1122667
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122667

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2421349

reference_id

2421349

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2421349

reference_url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/472

reference_id

472

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://gitlab.gnome.org/GNOME/libsoup/-/issues/472

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
reference_id	cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
reference_id	cpe:/o:redhat:enterprise_linux:10.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0
reference_id	cpe:/o:redhat:enterprise_linux_eus:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-14523

reference_id

CVE-2025-14523

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/security/cve/CVE-2025-14523

reference_url

https://access.redhat.com/errata/RHSA-2026:0421

reference_id

RHSA-2026:0421

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0421

reference_url

https://access.redhat.com/errata/RHSA-2026:0422

reference_id

RHSA-2026:0422

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0422

reference_url

https://access.redhat.com/errata/RHSA-2026:0423

reference_id

RHSA-2026:0423

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0423

reference_url

https://access.redhat.com/errata/RHSA-2026:0836

reference_id

RHSA-2026:0836

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0836

reference_url

https://access.redhat.com/errata/RHSA-2026:0867

reference_id

RHSA-2026:0867

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0867

reference_url

https://access.redhat.com/errata/RHSA-2026:0868

reference_id

RHSA-2026:0868

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0868

reference_url

https://access.redhat.com/errata/RHSA-2026:0905

reference_id

RHSA-2026:0905

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0905

reference_url

https://access.redhat.com/errata/RHSA-2026:0906

reference_id

RHSA-2026:0906

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0906

reference_url

https://access.redhat.com/errata/RHSA-2026:0907

reference_id

RHSA-2026:0907

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0907

reference_url

https://access.redhat.com/errata/RHSA-2026:0908

reference_id

RHSA-2026:0908

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0908

reference_url

https://access.redhat.com/errata/RHSA-2026:0909

reference_id

RHSA-2026:0909

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0909

reference_url

https://access.redhat.com/errata/RHSA-2026:0911

reference_id

RHSA-2026:0911

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0911

reference_url

https://access.redhat.com/errata/RHSA-2026:0925

reference_id

RHSA-2026:0925

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:0925

reference_url

https://access.redhat.com/errata/RHSA-2026:1509

reference_id

RHSA-2026:1509

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:1509

reference_url

https://access.redhat.com/errata/RHSA-2026:1569

reference_id

RHSA-2026:1569

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:1569

reference_url

https://access.redhat.com/errata/RHSA-2026:1570

reference_id

RHSA-2026:1570

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:1570

reference_url

https://access.redhat.com/errata/RHSA-2026:1571

reference_id

RHSA-2026:1571

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:1571

reference_url

https://access.redhat.com/errata/RHSA-2026:1572

reference_id

RHSA-2026:1572

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T14:49:20Z/

url

https://access.redhat.com/errata/RHSA-2026:1572

Weaknesses

cwe_id	444
name	Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
description	The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

Exploits

Severity_range_score 8.2 - 8.2

Exploitability 0.5

Weighted_severity 7.4

Risk_score 3.7

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nbx2-3qh6-tqa3

Vulnerability Instance