Описание
Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As a result, the attacker may obtain sensitive information.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.9.10-1ubuntu1 |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| noble | released | 2.8.5-1ubuntu3.2 |
| oracular | not-affected | 2.9.10-1ubuntu1 |
| upstream | released | 2.6.19,2.8.11,2.9.10 |
Показывать по
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As a result, the attacker may obtain sensitive information.
Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As a result, the attacker may obtain sensitive information.
Inconsistent interpretation of HTTP requests ('HTTP Request/Response S ...
EPSS
5.3 Medium
CVSS3