Lucene search
JpcertCVELIST:CVE-2023-25950HistoryApr 11, 2023 - 12:00 a.m.
CVE-2023-25950
2023-04-1100:00:00
jpcert
www.cve.org
http
request smuggling
response
vulnerability
haproxy
version 2.7.0
version 2.6.1
version 2.6.7
remote attacker
alteration
user requests
information disclosure
dos
HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user’s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.
CNA Affected
[
{
"vendor": "HAProxy Technologies",
"product": "HAProxy",
"versions": [
{
"version": "version 2.7.0, and version 2.6.1 to 2.6.7",
"status": "affected"
}
]
}
]Related
redhatcve
redhatcve
CVE-2023-25950
2023-04-11 12:59:53
veracode
veracode
HTTP Request/Response Smuggling
2023-04-17 02:40:31
prion
prion
Race condition
2023-04-11 09:15:00
jvn
jvn
JVN#38170084: HAProxy vulnerable to HTTP request/response smuggling
2023-03-31 00:00:00
nessus
nessus
RHEL 9 : haproxy (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 7 : haproxy (Unpatched Vulnerability)
2024-05-11 00:00:00
debiancve
debiancve
CVE-2023-25950
2023-04-11 09:15:07
osv
osv
CVE-2023-25950
2023-04-11 09:15:07
BIT-haproxy-2023-25950
2024-03-06 10:53:25
ubuntucve
ubuntucve
CVE-2023-25950
2023-04-11 00:00:00
nvd
nvd
CVE-2023-25950
2023-04-11 09:15:07
cve
cve
CVE-2023-25950
2023-04-11 09:15:07
rosalinux
rosalinux
Advisory ROSA-SA-2024-2400
2024-04-17 13:35:24