BIT-haproxy-2023-25725

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/haproxy/BIT-haproxy-2023-25725.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-haproxy-2023-25725
Aliases
Published
2024-03-06T10:53:39.092Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31.

Database specific
{
    "cpes": [
        "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*"
    ],
    "severity": "Critical"
}
References

Affected packages

Bitnami / haproxy

Package

Name
haproxy
Purl
pkg:bitnami/haproxy

Severity

  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.31
Introduced
2.1.0
Fixed
2.2.29
Introduced
2.3.0
Fixed
2.4.22
Introduced
2.5.0
Fixed
2.5.12
Introduced
2.6.0
Fixed
2.6.9
Introduced
2.7.0
Fixed
2.7.3