阿里云漏洞库

漏洞描述

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://cwe.mitre.org/data/definitions/436.html
https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856
https://github.com/haproxy/haproxy/issues/2237
https://www.haproxy.org/download/2.6/src/CHANGELOG
https://www.haproxy.org/download/2.7/src/CHANGELOG
https://www.haproxy.org/download/2.8/src/CHANGELOG

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	haproxy	haproxy	*		Up to (including) 2.0.32
	运行在以下环境
	应用	haproxy	haproxy	*	From (including) 2.2.0	Up to (including) 2.2.30
	运行在以下环境
	应用	haproxy	haproxy	*	From (including) 2.4.0	Up to (including) 2.4.23
	运行在以下环境
	应用	haproxy	haproxy	*	From (including) 2.5.0	Up to (excluding) 2.6.15
	运行在以下环境
	应用	haproxy	haproxy	*	From (including) 2.7.0	Up to (excluding) 2.7.10
	运行在以下环境
	应用	haproxy	haproxy	*	From (including) 2.8.0	Up to (excluding) 2.8.2
	运行在以下环境
	系统	amazon_2	haproxy2	*		Up to (excluding) 2.2.17-1.amzn2.0.7
	运行在以下环境
	系统	amazon_2023	haproxy	*		Up to (excluding) 2.8.0-1.amzn2023.0.2
	运行在以下环境
	系统	anolis_os_23	haproxy	*		Up to (excluding) 2.7.10-1
	运行在以下环境
	系统	debian_10	haproxy	*		Up to (excluding) 1.8.19-1+deb10u5
	运行在以下环境
	系统	debian_11	haproxy	*		Up to (excluding) 2.2.9-2+deb11u6
	运行在以下环境
	系统	debian_12	haproxy	*		Up to (excluding) 2.6.12-1+deb12u1
	运行在以下环境
	系统	kylinos_aarch64_V10SP1	haproxy	*		Up to (excluding) 2.2.16-7.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP2	haproxy	*		Up to (excluding) 2.2.16-7.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP3	haproxy	*		Up to (excluding) 2.2.16-7.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP1	haproxy	*		Up to (excluding) 2.2.16-7.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP2	haproxy	*		Up to (excluding) 2.2.16-7.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP3	haproxy	*		Up to (excluding) 2.2.16-7.ky10
	运行在以下环境
	系统	opensuse_5.3	haproxy	*		Up to (excluding) 150400.3.16.1
	运行在以下环境
	系统	opensuse_5.4	haproxy	*		Up to (excluding) 150400.3.16.1
	运行在以下环境
	系统	opensuse_Leap_15.4	haproxy	*		Up to (excluding) 150400.3.16.1
	运行在以下环境
	系统	opensuse_Leap_15.5	haproxy	*		Up to (excluding) 150400.3.16.1
	运行在以下环境
	系统	ubuntu_20.04	haproxy	*		Up to (excluding) 2.0.31-0ubuntu0.2
	运行在以下环境
	系统	ubuntu_22.04	haproxy	*		Up to (excluding) 2.4.22-0ubuntu0.22.04.2

攻击路径

本地
攻击复杂度

复杂
权限要求

普通权限
影响范围

越权影响
EXP成熟度

未验证
补丁情况

官方补丁
数据保密性

无影响
数据完整性

无影响
服务器危害

无影响
全网数量

N/A

CWE-ID	漏洞类型
CWE-444	HTTP请求的解释不一致性（HTTP请求私运）

中危 haproxy 安全漏洞 (CVE-2023-40225)

漏洞描述

解决建议

参考链接

受影响软件情况