Описание
HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 5 | haproxy | Affected | ||
| Red Hat Enterprise Linux 7 | haproxy | Out of support scope | ||
| Red Hat Enterprise Linux 8 | haproxy | Not affected | ||
| Red Hat Enterprise Linux 9 | haproxy | Will not fix | ||
| Red Hat OpenShift Container Platform 3.11 | haproxy | Out of support scope | ||
| Red Hat OpenShift Container Platform 4 | haproxy | Not affected | ||
| Red Hat Software Collections | rh-haproxy18-haproxy | Will not fix |
Показывать по
Дополнительная информация
Статус:
7.3 High
CVSS3
Связанные уязвимости
HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.
HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.
HTTP request/response smuggling vulnerability in HAProxy version 2.7.0 ...
HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.
7.3 High
CVSS3