Vulnerabilities > CVE-2023-45539 - Unspecified vulnerability in Haproxy

047910
CVSS 8.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
LOW
Availability impact
NONE
network
low complexity
haproxy
NVD
Published: 2023-11-28
Updated: 2024-10-15

Summary

HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.

Vulnerable Configurations

Part Description Count
Application
Haproxy
425

References