CVE-2023-25725

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-25725

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-25725.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-25725

Aliases

BIT-haproxy-2023-25725

Related

Published

2023-02-14T19:15:11Z

Modified

2024-12-03T00:55:44.609609Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31.

References

Affected packages

Debian:11 / haproxy

Package

Name: haproxy
Purl: pkg:deb/debian/haproxy?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.9-2+deb11u4

Affected versions

2.*

2.2.9-2

2.2.9-2+deb11u1~bpo10+1

2.2.9-2+deb11u1

2.2.9-2+deb11u2~bpo10+1

2.2.9-2+deb11u2

2.2.9-2+deb11u3~bpo10+1

2.2.9-2+deb11u3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / haproxy

Package

Name: haproxy
Purl: pkg:deb/debian/haproxy?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.8-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / haproxy

Package

Name: haproxy
Purl: pkg:deb/debian/haproxy?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.8-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / git.haproxy.org/haproxy-2.7.git

Affected ranges

Type: GIT
Repo: https://git.haproxy.org/haproxy-2.7.git
Events: Introduced

a1efc048bf8a5e14466dbe7317e73117e8d66176

Fixed

e979796584266caca16250c64cec65d5ec6ff33c

Type: GIT
Repo: https://git.haproxy.org/haproxy.git
Events: Introduced

437fd289f2e32e56498d2d4da63852d483f284ef

Fixed

87e95d38a9b9b69462569cc75fd1687b3605be7b

Type: GIT
Repo: https://github.com/haproxy/haproxy
Events: Introduced

f2e0833f16aa8c09e1c7001ff55aac4f13c643b7

Fixed

35dc13f224fa3e54814f442a7f63cba642c0be53

Affected versions

v2.*

v2.5.0

v2.6.0

v2.7.0