CVE-2023-40225 (haproxy) | allinfosecnews.com

Aug. 10, 2023, 9:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.

cases cve haproxy headers http length may payload request rfc server uncommon

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 7 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 7 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 7 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 7 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 7 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 7 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 7 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 7 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 7 months ago | web.nvd.nist.gov

android bypass check cve +10

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com