HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
Metrics
Affected Vendors & Products
References
History
Wed, 06 Nov 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
Tue, 15 Oct 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-116 | |
Metrics |
ssvc
|
Thu, 12 Sep 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:openshift:4.14::el8 |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-28T00:00:00
Updated: 2024-10-15T17:44:03.661Z
Reserved: 2023-10-09T00:00:00
Link: CVE-2023-45539
Vulnrichment
Updated: 2024-08-02T20:21:16.699Z
NVD
Status : Modified
Published: 2023-11-28T20:15:07.817
Modified: 2024-10-15T18:35:08.890
Link: CVE-2023-45539
Redhat