CVE-2023-40225 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2023-40225

CVE-2023-40225

August 10, 2023

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.

Related Resources (6)

https://www.haproxy.org/download/2.6/src/CHANGELOG

https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856

https://www.haproxy.org/download/2.8/src/CHANGELOG

https://www.haproxy.org/download/2.7/src/CHANGELOG

https://cwe.mitre.org/data/definitions/436.html

https://github.com/haproxy/haproxy/issues/2237

Do you need more information?

CVSS v4

Base Score:

6.9

Attack Vector

NETWORK

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

LOW

Vulnerable System Integrity

LOW

Vulnerable System Availability

NONE

Subsequent System Confidentiality

LOW

Subsequent System Integrity

LOW

Subsequent System Availability

NONE

CVSS v3

Base Score:

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Weakness Type (CWE)

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-444

EPSS

Base Score:

0.03

Products

Solutions

Resources

Company

Compare

Developer Tools