2 matches found
AZL-13569 CVE-2023-25725 affecting package haproxy for versions less than 2.4.22-1
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some...
HAProxy 安全漏洞
Haproxy HAProxy is an open source TCP/HTTP load balancing server from the French company Haproxy. The server provides 4-layer and 7-layer proxies and can support tens of thousands of levels of connections with high efficiency and stability. A security vulnerability exists in HAProxy versions prio...