5 matches found
CLSA-2026-1776343034 haproxy: Fix of CVE-2023-45539
CVE-2023-45539: reject '' as part of the URI to prevent ACL bypass via pathend rules...
MiracleLinux 8 : haproxy-1.8.27-5.el8_10.1 (AXSA:2024-8984:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8984:02 advisory. haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539 Tenable has extracted the preceding description...
CLSA-2023-1703183093 haproxy: Fix of CVE-2023-45539
CVE-2023-45539: do not accept '' as part of the URI component...
CLSA-2023-1703181305 haproxy: Fix of CVE-2023-45539
CVE-2023-45539: h1: do not accept '' as part of the URI component; h2: reject more chars from the :path pseudo header...
CLSA-2023-1703008559 Fix CVE(s): CVE-2023-45539
SECURITY UPDATE: Accepting '' as part of the URI component might allow remote attackers to obtain sensitive information or have unspecified other impact - debian/patches/CVE-2023-45539.patch: h1: do not accept '' as part of the URI component; h2: reject more chars from the :path pseudo header -...