Security Advisory

CVE-2021-40346

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-08 16:40:38

Last updated 2024-08-04 02:27:31

Assigner mitre

State PUBLISHED

Description

An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.

← Browse all CVEs View on cve.org ↗