All the vulnerabilites related to HAProxy Technologies - HAProxy
jvndb-2024-000122
Vulnerability from jvndb
Published
2024-11-27 14:36
Modified
2024-11-27 14:36
Severity ?
Summary
HAProxy vulnerable to HTTP request/response smuggling
Details
HAProxy HTTP/3 implementation contains an issue on accepting malformed HTTP headers. When a request including malformed HTTP headers is forwarded to a HTTP/1.1 non-compliant back-end server, it is exploited to conduct an HTTP request/response smuggling attack (CWE-444).
Yuki Mogi of FFRI Security, Inc. reported this vulnerability to the developer and coordinated. After the coordination was completed, JPCERT/CC coordinated with the developer to publish this advisory in order to notify users of the solution through JVN.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/jp/JVN88385716/index.html | |
| CVE | https://www.cve.org/CVERecord?id=CVE-2024-53008 | |
| No Mapping(CWE-Other) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| HAProxy Technologies | HAProxy |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000122.html",
"dc:date": "2024-11-27T14:36+09:00",
"dcterms:issued": "2024-11-27T14:36+09:00",
"dcterms:modified": "2024-11-27T14:36+09:00",
"description": "HAProxy HTTP/3 implementation contains an issue on accepting malformed HTTP headers. When a request including malformed HTTP headers is forwarded to a HTTP/1.1 non-compliant back-end server, it is exploited to conduct an HTTP request/response smuggling attack (CWE-444).\r\n\r\nYuki Mogi of FFRI Security, Inc. reported this vulnerability to the developer and coordinated. After the coordination was completed, JPCERT/CC coordinated with the developer to publish this advisory in order to notify users of the solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000122.html",
"sec:cpe": {
"#text": "cpe:/a:haproxy:haproxy",
"@product": "HAProxy",
"@vendor": "HAProxy Technologies",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2024-000122",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN88385716/index.html",
"@id": "JVN#88385716",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-53008",
"@id": "CVE-2024-53008",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "HAProxy vulnerable to HTTP request/response smuggling"
}
jvndb-2023-000030
Vulnerability from jvndb
Published
2023-03-31 15:54
Modified
2024-06-04 16:17
Severity ?
Summary
HAProxy vulnerable to HTTP request/response smuggling
Details
HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack (CWE-444).
Yuki Mogi of FFRI Security, Inc. reported this vulnerability to the developer and coordinated. The developer and JPCERT/CC published this advisory in order to notify users of this vulnerability.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| HAProxy Technologies | HAProxy |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000030.html",
"dc:date": "2024-06-04T16:17+09:00",
"dcterms:issued": "2023-03-31T15:54+09:00",
"dcterms:modified": "2024-06-04T16:17+09:00",
"description": "HAProxy\u0027s HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack (CWE-444).\r\n\r\nYuki Mogi of FFRI Security, Inc. reported this vulnerability to the developer and coordinated. The developer and JPCERT/CC published this advisory in order to notify users of this vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000030.html",
"sec:cpe": {
"#text": "cpe:/a:haproxy:haproxy",
"@product": "HAProxy",
"@vendor": "HAProxy Technologies",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "5.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "5.6",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2023-000030",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN38170084/index.html",
"@id": "JVN#38170084",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-25950",
"@id": "CVE-2023-25950",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25950",
"@id": "CVE-2023-25950",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "HAProxy vulnerable to HTTP request/response smuggling"
}
cve-2023-25950
Vulnerability from cvelistv5
Published
2023-04-11 00:00
Modified
2024-08-02 11:39
Severity ?
EPSS score ?
Summary
HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | HAProxy Technologies | HAProxy |
Version: version 2.7.0, and version 2.6.1 to 2.6.7 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.556Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.haproxy.org/"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN38170084/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HAProxy",
"vendor": "HAProxy Technologies",
"versions": [
{
"status": "affected",
"version": "version 2.7.0, and version 2.6.1 to 2.6.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user\u0027s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Inconsistent interpretation of HTTP requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T00:00:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.haproxy.org/"
},
{
"url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46"
},
{
"url": "https://jvn.jp/en/jp/JVN38170084/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2023-25950",
"datePublished": "2023-04-11T00:00:00",
"dateReserved": "2023-03-15T00:00:00",
"dateUpdated": "2024-08-02T11:39:06.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}