N/A

Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As a result, the attacker may obtain sensitive information.

N/A

HTTP请求的解释不一致性(HTTP请求私运)

HAProxy 安全漏洞

HAProxy是法国HAProxy公司的一款开源的TCP/HTTP负载均衡服务器。该服务器提供4层、7层代理，并能支持上万级别的连接，具有高效、稳定等特点。 HAProxy存在安全漏洞，该漏洞源于接受格式错误的HTTP标头，容易受到HTTP请求/响应走私攻击，远程攻击者可以访问产品上的敏感信息。

N/A

N/A