CLSA-2023-1703008559

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1703008559.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2023-1703008559
Upstream
Published
2023-12-19T17:56:03Z
Modified
2026-06-04T09:46:29.066606466Z
Summary
Fix CVE(s): CVE-2023-45539
Details
  • SECURITY UPDATE: Accepting '#' as part of the URI component might allow remote attackers to obtain sensitive information or have unspecified other impact
    • debian/patches/CVE-2023-45539.patch: h1: do not accept '#' as part of the URI component; h2: reject more chars from the :path pseudo header
    • CVE-2023-45539
References

Affected packages

TuxCare:Ubuntu:16.04 / haproxy

Package

Name
haproxy
Purl
pkg:deb/tuxcare/haproxy?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.3-1ubuntu0.3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1703008559.json"

TuxCare:Ubuntu:16.04 / haproxy-doc

Package

Name
haproxy-doc
Purl
pkg:deb/tuxcare/haproxy-doc?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.3-1ubuntu0.3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1703008559.json"

TuxCare:Ubuntu:16.04 / vim-haproxy

Package

Name
vim-haproxy
Purl
pkg:deb/tuxcare/vim-haproxy?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.3-1ubuntu0.3+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1703008559.json"