HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user’s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | haproxy | < 2.6.8-1 | haproxy_2.6.8-1_all.deb |
Debian | 11 | all | haproxy | < 2.2.9-2+deb11u6 | haproxy_2.2.9-2+deb11u6_all.deb |
Debian | 10 | all | haproxy | < 1.8.19-1+deb10u3 | haproxy_1.8.19-1+deb10u3_all.deb |
Debian | 999 | all | haproxy | < 2.6.8-1 | haproxy_2.6.8-1_all.deb |
Debian | 13 | all | haproxy | < 2.6.8-1 | haproxy_2.6.8-1_all.deb |