CVE-2023-40225

high

Description

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6, which defines the field value as 1*DIGIT; an empty value is therefore invalid and a conforming recipient should reject the message rather than forward it. Because the malformed header reaches the backend unchanged, an HTTP/1 server behind HAProxy that parses the empty value differently from HAProxy may, in uncommon cases, interpret the bytes that follow the header block as an extra request. This is a proxy/backend interpretation conflict (CWE-436) of the kind exploited in HTTP request smuggling.
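The interpretation conflict described above, shown as an added example that is not code from HAProxy or from this advisory: a minimal HTTP/1 request-stream splitter that handles an empty Content-Length either leniently (treating it as a zero-length body, so whatever follows the header block is parsed as a second request) or strictly per RFC 9110 section 8.6 (rejecting the message). The function names `parse_content_length`, `split_requests` and `rejected`, and the request bytes in `SMUGGLED` and `NORMAL`, are constructed for this illustration.

```python
"""Empty Content-Length handling: lenient versus RFC 9110 section 8.6.

Added example, not HAProxy code. parse_content_length(), split_requests()
and rejected() are illustrative names; the request bytes are constructed.
"""
import re

# RFC 9110 section 8.6: Content-Length = 1*DIGIT
_DIGITS = re.compile(r"[0-9]+")


class BadRequest(Exception):
    """Framing error: a conforming proxy answers 400 and closes the connection."""


def parse_content_length(raw_value: str, strict: bool = True) -> int:
    """Return the body length encoded in a Content-Length field value.

    strict=True: every comma-separated member must match 1*DIGIT and all
    members must be equal; anything else, including an empty value,
    raises BadRequest.

    strict=False: models the lenient behaviour the CVE describes, where an
    empty value is silently taken to mean a zero-length body.
    """
    members = [m.strip() for m in raw_value.split(",")]
    if strict:
        if any(_DIGITS.fullmatch(m) is None for m in members):
            raise BadRequest(f"invalid Content-Length value {raw_value!r}")
        lengths = {int(m) for m in members}
        if len(lengths) != 1:
            raise BadRequest(f"conflicting Content-Length values {raw_value!r}")
        return lengths.pop()
    first = members[0]
    if first == "":
        return 0  # lenient: empty value treated as "no body"
    if _DIGITS.fullmatch(first) is None:
        raise BadRequest(f"invalid Content-Length value {raw_value!r}")
    return int(first)


def split_requests(stream: bytes, strict: bool = True) -> list:
    """Split a raw HTTP/1 byte stream into the requests a server would see."""
    requests = []
    pos = 0
    while pos < len(stream):
        end = stream.find(b"\r\n\r\n", pos)
        if end < 0:
            raise BadRequest("incomplete request head")
        lines = stream[pos:end].decode("ascii").split("\r\n")
        parts = lines[0].split(" ", 2)
        if len(parts) != 3:
            raise BadRequest(f"malformed request line {lines[0]!r}")
        method, target, version = parts
        headers = []
        for line in lines[1:]:
            name, sep, value = line.partition(":")
            if not sep:
                raise BadRequest(f"malformed header line {line!r}")
            headers.append((name.strip().lower(), value.strip()))
        cl_values = [v for n, v in headers if n == "content-length"]
        body_len = parse_content_length(",".join(cl_values), strict) if cl_values else 0
        body_start = end + 4
        body = stream[body_start:body_start + body_len]
        if len(body) < body_len:
            raise BadRequest("truncated body")
        requests.append({"method": method, "target": target,
                         "version": version, "headers": headers, "body": body})
        pos = body_start + body_len  # next request begins right after the body
    return requests


def rejected(stream: bytes, strict: bool = True) -> bool:
    """True if split_requests refuses the stream under the given policy."""
    try:
        split_requests(stream, strict)
    except BadRequest:
        return True
    return False


# Constructed sample traffic: an empty Content-Length followed by bytes that
# look like a second request. A lenient parser yields two requests; a strict
# one rejects the whole thing at the first header block.
SMUGGLED = (
    b"POST /upload HTTP/1.1\r\n"
    b"Host: app.example\r\n"
    b"Content-Length: \r\n"
    b"\r\n"
    b"GET /admin HTTP/1.1\r\n"
    b"Host: app.example\r\n"
    b"\r\n"
)

# Constructed well-formed request for comparison.
NORMAL = (
    b"POST /upload HTTP/1.1\r\n"
    b"Host: app.example\r\n"
    b"Content-Length: 5\r\n"
    b"\r\n"
    b"hello"
)

if __name__ == "__main__":
    for name, stream in (("SMUGGLED", SMUGGLED), ("NORMAL", NORMAL)):
        for strict in (False, True):
            mode = "strict" if strict else "lenient"
            if rejected(stream, strict):
                print(f"{name} ({mode}): rejected with 400")
            else:
                seen = [f"{r['method']} {r['target']}" for r in split_requests(stream, strict)]
                print(f"{name} ({mode}): {seen}")
```

The point of the two policies is that a proxy and a backend that disagree on which one applies will disagree on where the first request ends. Running the block prints `['POST /upload', 'GET /admin']` for the constructed stream under the lenient policy and a rejection under the strict one; a fixed proxy takes the strict branch and never forwards the empty header to a backend whose choice it cannot control.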

References

https://www.haproxy.org/download/2.8/src/CHANGELOG

https://www.haproxy.org/download/2.7/src/CHANGELOG

https://www.haproxy.org/download/2.6/src/CHANGELOG

https://github.com/haproxy/haproxy/issues/2237

https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856

https://cwe.mitre.org/data/definitions/436.html

Details

Source: Mitre, NVD

Published: 2023-08-10

Updated: 2023-08-18

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Severity: High