It was discovered that HAProxy incorrectly handled URI components containing the hash character (#). A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules.
{ "availability": "No subscription required", "binaries": [ { "haproxy": "2.0.31-0ubuntu0.3", "haproxy-doc": "2.0.31-0ubuntu0.3", "vim-haproxy": "2.0.31-0ubuntu0.3", "haproxy-dbgsym": "2.0.31-0ubuntu0.3" } ] }
{ "availability": "No subscription required", "binaries": [ { "haproxy": "2.4.22-0ubuntu0.22.04.3", "haproxy-doc": "2.4.22-0ubuntu0.22.04.3", "vim-haproxy": "2.4.22-0ubuntu0.22.04.3", "haproxy-dbgsym": "2.4.22-0ubuntu0.22.04.3" } ] }