Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2023-25950

HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition.

  • Published: Apr 11, 2023
  • Updated: May 10, 2024
  • CVE: CVE-2023-25950
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.3
  • AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWEs:

Software From Fixed in
haproxy / haproxy 2.7.0 2.7.0.x
haproxy / haproxy 2.6.1 2.6.7.x