CVE-2023-40225

Name
CVE-2023-40225
Description
HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)
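The defect described above is a proxy forwarding a Content-Length header with an empty value, which RFC 9110 section 8.6 defines as 1*DIGIT and so never empty. The following is an added example (not HAProxy's code, and not from the linked fix) of the strict check a forwarding component or a request-log audit can apply: it parses a constructed raw HTTP/1 header block and reports any Content-Length value that a compliant hop must not pass on.

```python
import re
from typing import List, Tuple

# RFC 9110 section 8.6: Content-Length = 1*DIGIT, so the value is never empty.
_CONTENT_LENGTH_RE = re.compile(r"[0-9]+")


def parse_headers(raw_request: str) -> List[Tuple[str, str]]:
    """Split a raw HTTP/1 request into (lower-cased name, value) header pairs.

    The request line and the body are discarded; empty values are preserved
    on purpose so the validator below can see them.
    """
    head, _, _body = raw_request.partition("\r\n\r\n")
    lines = head.split("\r\n")[1:]  # drop the request line
    headers = []
    for line in lines:
        name, sep, value = line.partition(":")
        if sep:  # ignore lines that are not name:value pairs
            headers.append((name.strip().lower(), value.strip()))
    return headers


def content_length_problems(headers: List[Tuple[str, str]]) -> List[str]:
    """Return the reasons a strict hop would refuse to forward these headers.

    An empty list means every Content-Length value is a digit string and all
    values agree, so the request's framing is unambiguous for the next hop.
    """
    problems = []
    values = [v for name, v in headers if name == "content-length"]
    for v in values:
        if v == "":
            problems.append("empty Content-Length value (violates RFC 9110 section 8.6)")
        elif not _CONTENT_LENGTH_RE.fullmatch(v):
            problems.append(f"non-numeric Content-Length value {v!r}")
    if len(set(values)) > 1:
        problems.append("conflicting Content-Length values")
    return problems


def should_forward(raw_request: str) -> bool:
    """True only when the request carries no Content-Length defect."""
    return not content_length_problems(parse_headers(raw_request))


# Constructed sample requests (not captured traffic).
SAMPLE_OK = "POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"
SAMPLE_EMPTY_CL = "POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length:\r\n\r\n"
```

A hop that fails the check should reject the request (or strip the header and fall back to the RFC's framing rules) rather than relay the empty value, so the origin never has to guess where the message ends.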

References

Type URI
MISC https://www.haproxy.org/download/2.8/src/CHANGELOG
MISC https://www.haproxy.org/download/2.6/src/CHANGELOG
MISC https://cwe.mitre.org/data/definitions/436.html
MISC https://github.com/haproxy/haproxy/issues/2237
MISC https://www.haproxy.org/download/2.7/src/CHANGELOG
MISC https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* haproxy >= None <= 2.0.32
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* haproxy >= 2.4.0 <= 2.4.23
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* haproxy >= 2.2.0 <= 2.2.30
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* haproxy >= 2.8.0 < 2.8.2
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* haproxy >= 2.7.0 < 2.7.10
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* haproxy >= 2.5.0 < 2.6.15

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
haproxy 3.15-main 2.4.23-r0 Milan P. Stanić <mps@arvanta.net> possibly vulnerable