HAProxy 2.8.0

CPE Details

HAProxy 2.8.0
haproxy
haproxy
2.8.0
2023-08-18
12h44 +00:00
2023-08-28
11h51 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:haproxy:haproxy:2.8.0:*:*:*:*:*:*:*

Informations

Vendor

haproxy

Product

haproxy

Version

2.8.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-45539 2023-11-27 23h00 +00:00 HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
8.2
Haute
CVE-2023-40225 2023-08-09 22h00 +00:00 HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.
7.2
Haute