CLSA-2023-1703611617

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703611617.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2023-1703611617
Upstream
Published
2023-12-26T17:27:00Z
Modified
2026-06-04T09:47:15.834760512Z
Summary
Fix CVE(s): CVE-2023-45539
Details
  • SECURITY UPDATE: Accepting '#' as part of the URI component might allow remote attackers to obtain sensitive information or have unspecified other impact
    • debian/patches/CVE-2023-45539.patch: h1: do not accept '#' as part of the URI component; h2: reject more chars from the :path pseudo header
    • CVE-2023-45539
References

Affected packages

TuxCare:Ubuntu:18.04 / haproxy

Package

Name
haproxy
Purl
pkg:deb/tuxcare/haproxy?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.8-1ubuntu0.13.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703611617.json"

TuxCare:Ubuntu:18.04 / haproxy-doc

Package

Name
haproxy-doc
Purl
pkg:deb/tuxcare/haproxy-doc?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.8-1ubuntu0.13.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703611617.json"

TuxCare:Ubuntu:18.04 / vim-haproxy

Package

Name
vim-haproxy
Purl
pkg:deb/tuxcare/vim-haproxy?distro=ubuntu-18.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.8-1ubuntu0.13.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1703611617.json"