BIT-haproxy-2023-45539

Import Source
https://github.com/bitnami/vulndb/tree/main/data/haproxy/BIT-haproxy-2023-45539.json
Aliases
Published
2024-01-31T15:14:06.461Z
Modified
2024-01-31T15:40:39.817Z
Details

HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.

References

Affected packages

Bitnami / haproxy

Package

Name
haproxy

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.8.2