CVE-2025-14523: libsoup HTTP SSRF Vulnerability

CVE-2025-14523 Overview

CVE-2025-14523 is a flaw in libsoup, the GNOME HTTP client and server library, that mishandles requests containing multiple Host: headers. The library returns the last occurrence of the header for server-side processing, while many front-end proxies honor the first occurrence. This parser discrepancy creates virtual host (vhost) confusion conditions that attackers can weaponize for HTTP request smuggling, cache poisoning, and bypass of host-based access controls. The weakness is classified under CWE-444: Inconsistent Interpretation of HTTP Requests. Red Hat has shipped patches across multiple product streams via more than a dozen advisories tracked through the Red Hat CVE Report CVE-2025-14523.

Critical Impact

Attackers can route requests past front-end proxies to unintended backends, enabling request smuggling, cache poisoning, and bypass of host-based access controls when duplicate Host: headers are accepted.

Affected Products

• GNOME libsoup HTTP client/server library
• Red Hat Enterprise Linux distributions shipping libsoup (see Red Hat advisories RHSA-2026:0421 through RHSA-2026:1572)
• Applications and services that embed libsoup for HTTP handling behind a reverse proxy

Discovery Timeline

• 2025-12-11 - CVE-2025-14523 published to NVD
• 2026-04-15 - Last updated in NVD database

Technical Details for CVE-2025-14523

Vulnerability Analysis

The vulnerability stems from how libsoup parses inbound HTTP request headers. When a request carries more than one Host: header, libsoup does not reject the request or normalize it. Instead, the library exposes the last Host: value to the server-side application logic. RFC 7230 requires that any request with multiple Host: headers be treated as malformed and rejected with HTTP 400. Common front-end components such as Nginx, HAProxy, Apache mod_proxy, and many CDN edges either reject the request or process the first Host: header for routing decisions. The mismatch between the proxy's view of the destination host and the backend's view of the destination host is the foundation of the attack.

Root Cause

The root cause is permissive HTTP header parsing inside libsoup's message handling code. The library accepts duplicate singleton headers that the HTTP specification defines as unique. Returning the last occurrence rather than rejecting the request violates RFC 7230 Section 5.4 and produces inconsistent interpretation between cooperating HTTP intermediaries. See the upstream report at GNOME Issue Tracker #472 and Red Hat Bug Tracker ID 2421349 for the maintainer discussion.

Attack Vector

An unauthenticated remote attacker sends a single crafted HTTP request that contains two Host: headers, one pointing to a permitted virtual host and a second pointing to a restricted backend. The front proxy honors the first header and forwards the request. The libsoup-based backend processes the second header and serves content scoped to the attacker-chosen vhost. The same primitive supports cache poisoning when the cache key derives from the proxy view of Host: but the response body reflects the backend view. The attack requires no user interaction, no privileges, and operates over the network.

No public proof-of-concept code is referenced in the advisory. The exploitation pattern follows the well-documented HTTP request smuggling and vhost confusion classes described in the security literature.

Detection Methods for CVE-2025-14523

Indicators of Compromise

• HTTP requests in proxy or web server logs containing more than one Host: header in a single request
• Cache entries where the cached Host: does not match the backend-rendered host context
• Backend application logs showing requests to virtual hosts that should not be reachable through the public edge
• Unexpected 200 responses for restricted administrative or internal vhosts from external source IPs

Detection Strategies

• Inspect raw HTTP request streams at the proxy or WAF for duplicate header names, focusing on Host:, Content-Length:, and Transfer-Encoding:
• Compare the Host: value logged by the front-end proxy with the host value logged by the libsoup-based backend for the same request ID
• Run authenticated vulnerability scans that identify libsoup version on hosts and flag versions below the fixed packages listed in the Red Hat advisories
• Add WAF or proxy rules that reject any request containing more than one Host: header with HTTP 400

Monitoring Recommendations

• Forward proxy access logs and backend access logs into a centralized analytics platform and correlate by request identifier or timestamp
• Alert on responses for sensitive vhost names served from edges that should not expose them
• Track the deployed libsoup package version across the fleet and alert when unpatched versions reappear after rollback or container redeploy

How to Mitigate CVE-2025-14523

Immediate Actions Required

• Apply the libsoup updates shipped in the relevant Red Hat advisory for your platform, including RHSA-2026:0421, RHSA-2026:0422, RHSA-2026:0423, RHSA-2026:0836, RHSA-2026:0867, RHSA-2026:0868, RHSA-2026:0905–RHSA-2026:0911, RHSA-2026:0925, and RHSA-2026:1509–RHSA-2026:1572
• Restart all services that load libsoup after the package update to ensure the patched library is in use
• Audit application logs for prior requests carrying duplicate Host: headers and treat positive matches as suspected smuggling attempts

Patch Information

Red Hat has published fixed packages through the advisories listed under Red Hat CVE Report CVE-2025-14523. The upstream fix is tracked in GNOME Issue Tracker #472. Distributions that consume libsoup should rebase to the patched release that rejects requests containing duplicate singleton headers including Host:.

Workarounds

• Configure the front-end proxy or WAF to reject any HTTP request containing more than one Host: header before it reaches a libsoup-based backend
• Enforce strict HTTP/1.1 compliance at the edge, including rejection of requests with conflicting Content-Length and Transfer-Encoding headers, to reduce the surface for related smuggling attacks
• Restrict backend virtual host resolution so that only explicitly allowlisted host names are served, and return HTTP 421 or 404 for unexpected Host: values

# Example Nginx edge rule to drop requests with duplicate Host headers
map $http_host $duplicate_host {
    default 0;
    "~,"    1;
}

server {
    listen 443 ssl;
    if ($duplicate_host) {
        return 400;
    }
    location / {
        proxy_pass http://libsoup_backend;
    }
}