CVE-2019-18277

A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).
Configurations

Configuration 1 (hide)

cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*

History

07 Nov 2023, 03:06

Type Values Removed Values Added
References
  • {'url': 'https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581', 'name': 'https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581', 'tags': ['Patch', 'Vendor Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://www.mail-archive.com/haproxy@formilux.org/msg34926.html', 'name': 'https://www.mail-archive.com/haproxy@formilux.org/msg34926.html', 'tags': ['Release Notes'], 'refsource': 'MISC'}
  • () https://www.mail-archive.com/haproxy%40formilux.org/msg34926.html -
  • () https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=196a7df44d8129d1adc795da020b722614d6a581 -

02 Jun 2022, 14:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html -

Information

Published : 2019-10-23 14:15

Updated : 2023-12-10 13:13


NVD link : CVE-2019-18277

Mitre link : CVE-2019-18277

CVE.ORG link : CVE-2019-18277


JSON object : View

Products Affected

haproxy

  • haproxy
CWE
CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')