cvelistv5 - CVE-2023-25950

CVE-2023-25950

Vulnerability from cvelistv5

Published

2023-04-11 00:00

Modified

2025-02-11 15:41

Severity ?

7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Summary

HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.

References

URL	Tags
vultures@jpcert.or.jp	https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46
vultures@jpcert.or.jp	https://jvn.jp/en/jp/JVN38170084/	Third Party Advisory, VDB Entry
vultures@jpcert.or.jp	https://www.haproxy.org/	Product
af854a3a-2127-422b-91ae-364da2661108	https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46
af854a3a-2127-422b-91ae-364da2661108	https://jvn.jp/en/jp/JVN38170084/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.haproxy.org/	Product

Impacted products

▼	Vendor	Product
	HAProxy Technologies	HAProxy

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:39:06.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.haproxy.org/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN38170084/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-25950",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T15:38:25.690729Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-444",
                "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T15:41:36.728Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HAProxy",
          "vendor": "HAProxy Technologies",
          "versions": [
            {
              "status": "affected",
              "version": "version 2.7.0, and version 2.6.1 to 2.6.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user\u0027s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Inconsistent interpretation of HTTP requests (\u0027HTTP Request/Response Smuggling\u0027)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-11T00:00:00.000Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.haproxy.org/"
        },
        {
          "url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN38170084/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2023-25950",
    "datePublished": "2023-04-11T00:00:00.000Z",
    "dateReserved": "2023-03-15T00:00:00.000Z",
    "dateUpdated": "2025-02-11T15:41:36.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-25950\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2023-04-11T09:15:07.937\",\"lastModified\":\"2025-02-11T16:15:32.640\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user\u0027s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.1\",\"versionEndIncluding\":\"2.6.7\",\"matchCriteriaId\":\"2B5851EB-42FF-48AB-AB3B-25CB8C671475\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:2.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3C053BE-78C8-475F-8D2B-56FAD7B0E0D2\"}]}]}],\"references\":[{\"url\":\"https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://jvn.jp/en/jp/JVN38170084/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.haproxy.org/\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Product\"]},{\"url\":\"https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://jvn.jp/en/jp/JVN38170084/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.haproxy.org/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]}]}}"
  }
}

wid-sec-w-2023-0819

Vulnerability from csaf_certbund

Published

2023-03-30 22:00

Modified

2023-03-30 22:00

Summary

HAProxy Enterprise: Schwachstelle ermöglicht HTTP Request Smuggling

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

HAProxy Enterprise ist ein weit verbreiteter Open Source Software Load Balancer und Application Delivery Controller.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in HAProxy Enterprise ausnutzen, um einen HTTP Request Smuggling Angriff durchzuführen.

Betroffene Betriebssysteme

- UNIX - Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "HAProxy Enterprise ist ein weit verbreiteter Open Source Software Load Balancer und Application Delivery Controller.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in HAProxy Enterprise ausnutzen, um einen HTTP Request Smuggling Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0819 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0819.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0819 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0819"
      },
      {
        "category": "external",
        "summary": "JPCERT vom 2023-03-30",
        "url": "http://jvn.jp/en/jp/JVN38170084/index.html"
      }
    ],
    "source_lang": "en-US",
    "title": "HAProxy Enterprise: Schwachstelle erm\u00f6glicht HTTP Request Smuggling",
    "tracking": {
      "current_release_date": "2023-03-30T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:47:41.918+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0819",
      "initial_release_date": "2023-03-30T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-03-30T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HAProxy Enterprise \u003c 2.6.8",
                "product": {
                  "name": "HAProxy Enterprise \u003c 2.6.8",
                  "product_id": "1343509",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:haproxy:haproxy:2.6.8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HAProxy Enterprise \u003c 2.7.1",
                "product": {
                  "name": "HAProxy Enterprise \u003c 2.7.1",
                  "product_id": "1343510",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:haproxy:haproxy:2.7.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise"
          }
        ],
        "category": "vendor",
        "name": "HAProxy"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-25950",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in HAProxy Enterprise. Ein fehlerhafter HTTP-Header-Feldnamen wird in der HTTP/3-Implementierung nicht sachgem\u00e4\u00df blockiert, was zu einem HTTP-Request/Response-Schmuggelangriff genutzt werden kann. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen, oder einen Denial of Service zu verursachen."
        }
      ],
      "release_date": "2023-03-30T22:00:00.000+00:00",
      "title": "CVE-2023-25950"
    }
  ]
}

CVE-2023-25950

Vulnerability from jvndb

Published

2023-03-31 15:54

Modified

2024-06-04 16:17

Severity ?

5.6 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Summary

HAProxy vulnerable to HTTP request/response smuggling

Details

HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack (CWE-444). Yuki Mogi of FFRI Security, Inc. reported this vulnerability to the developer and coordinated. The developer and JPCERT/CC published this advisory in order to notify users of this vulnerability.

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVN38170084/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2023-25950
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-25950
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	HAProxy Technologies	HAProxy

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000030.html",
  "dc:date": "2024-06-04T16:17+09:00",
  "dcterms:issued": "2023-03-31T15:54+09:00",
  "dcterms:modified": "2024-06-04T16:17+09:00",
  "description": "HAProxy\u0027s HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack (CWE-444).\r\n\r\nYuki Mogi of FFRI Security, Inc. reported this vulnerability to the developer and coordinated. The developer and JPCERT/CC published this advisory in order to notify users of this vulnerability.",
  "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000030.html",
  "sec:cpe": {
    "#text": "cpe:/a:haproxy:haproxy",
    "@product": "HAProxy",
    "@vendor": "HAProxy Technologies",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "5.1",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
      "@version": "2.0"
    },
    {
      "@score": "5.6",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2023-000030",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN38170084/index.html",
      "@id": "JVN#38170084",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2023-25950",
      "@id": "CVE-2023-25950",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-25950",
      "@id": "CVE-2023-25950",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "HAProxy vulnerable to HTTP request/response smuggling"
}

gsd-2023-25950

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2023-25950

Aliases

CVE-2023-25950

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-25950",
    "id": "GSD-2023-25950"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-25950"
      ],
      "details": "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user\u0027s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.",
      "id": "GSD-2023-25950",
      "modified": "2023-12-13T01:20:40.017537Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2023-25950",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "HAProxy",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "version 2.7.0, and version 2.6.1 to 2.6.7"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "HAProxy Technologies"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user\u0027s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Inconsistent interpretation of HTTP requests (\u0027HTTP Request/Response Smuggling\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.haproxy.org/",
            "refsource": "MISC",
            "url": "https://www.haproxy.org/"
          },
          {
            "name": "https://git.haproxy.org/?p=haproxy-2.7.git;a=commit;h=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46",
            "refsource": "MISC",
            "url": "https://git.haproxy.org/?p=haproxy-2.7.git;a=commit;h=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46"
          },
          {
            "name": "https://jvn.jp/en/jp/JVN38170084/",
            "refsource": "MISC",
            "url": "https://jvn.jp/en/jp/JVN38170084/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:haproxy:haproxy:2.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.6.7",
                "versionStartIncluding": "2.6.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2023-25950"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user\u0027s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-444"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jvn.jp/en/jp/JVN38170084/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://jvn.jp/en/jp/JVN38170084/"
            },
            {
              "name": "https://git.haproxy.org/?p=haproxy-2.7.git;a=commit;h=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Patch"
              ],
              "url": "https://git.haproxy.org/?p=haproxy-2.7.git;a=commit;h=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46"
            },
            {
              "name": "https://www.haproxy.org/",
              "refsource": "MISC",
              "tags": [
                "Product"
              ],
              "url": "https://www.haproxy.org/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.4
        }
      },
      "lastModifiedDate": "2023-04-21T18:03Z",
      "publishedDate": "2023-04-11T09:15Z"
    }
  }
}

ghsa-g72c-cx82-64hq

Vulnerability from github

Published

2023-04-11 09:30

Modified

2024-04-04 03:23

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-25950"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-444"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-11T09:15:00Z",
    "severity": "HIGH"
  },
  "details": "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user\u0027s request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.",
  "id": "GHSA-g72c-cx82-64hq",
  "modified": "2024-04-04T03:23:56Z",
  "published": "2023-04-11T09:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25950"
    },
    {
      "type": "WEB",
      "url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46"
    },
    {
      "type": "WEB",
      "url": "https://git.haproxy.org/?p=haproxy-2.7.git;a=commit;h=3ca4223c5e1f18a19dc93b0b09ffdbd295554d46"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN38170084"
    },
    {
      "type": "WEB",
      "url": "https://www.haproxy.org"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Action not permitted

CVE-2023-25950

Vulnerability from cvelistv5

wid-sec-w-2023-0819

Vulnerability from csaf_certbund

CVE-2023-25950

Vulnerability from jvndb

gsd-2023-25950

Vulnerability from gsd

ghsa-g72c-cx82-64hq

Vulnerability from github

Tags