๐Ÿ” CVE Alert

CVE-2023-40225

UNKNOWN 0.0
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.

Vendor n/a
Product n/a
Published Aug 10, 2023
Last Updated Oct 9, 2024
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new unknown vulnerabilities affecting n/a n/a are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

n/a / n/a
n/a

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/haproxy/haproxy/issues/2237 github.com: https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856 haproxy.org: https://www.haproxy.org/download/2.8/src/CHANGELOG haproxy.org: https://www.haproxy.org/download/2.7/src/CHANGELOG haproxy.org: https://www.haproxy.org/download/2.6/src/CHANGELOG cwe.mitre.org: https://cwe.mitre.org/data/definitions/436.html