Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HAProxy 环境问题漏洞
Vulnerability Description
Haproxy HAProxy是法国HAProxy(Haproxy)公司的一款开源的TCP/HTTP负载均衡服务器。该服务器提供4层、7层代理,并能支持上万级别的连接,具有高效、稳定等特点。 HAProxy 2.0.6之前版本中存在安全漏洞。攻击者可利用该漏洞实施HTTP请求走私攻击。
CVSS Information
N/A
Vulnerability Type
N/A