Back to bug 2231370
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2023-08-11 12:33:42 UTC | Depends On | 2231371, 2231372 | |
| Pedro Sampaio | 2023-08-11 13:06:58 UTC | CC | amctagga, aoconnor, bniver, flucifre, gmeno, mbenjamin, mhackett, sostapov, vereddy | |
| Pedro Sampaio | 2023-08-11 13:07:37 UTC | Depends On | 2231382, 2231384, 2231381, 2231383 | |
| Pedro Sampaio | 2023-08-11 13:08:16 UTC | Blocks | 2231385 | |
| Pedro Sampaio | 2023-08-11 13:09:22 UTC | CC | aazores, chazlett, dfreiber, eaguilar, ebaron, jburrell, jkang, jpallich, pjindal, rogbas, sfroberg, vkumar | |
| Robert Scheck | 2023-08-13 08:36:38 UTC | CC | redhat-bugzilla | |
| Pedro Sampaio | 2023-08-15 19:16:38 UTC | Doc Text | A flaw was found in HAProxy where empty Content-Length headers are forwarded, possibly causing an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases. | |
| Pedro Sampaio | 2023-08-15 19:16:55 UTC | Summary | TRIAGE-CVE-2023-40225 haproxy: Proxy forwards malformed empty Content-Length headers | CVE-2023-40225 haproxy: Proxy forwards malformed empty Content-Length headers |
| Alias | TRIAGE-CVE-2023-40225 | CVE-2023-40225 | ||
| Paige Jung | 2023-08-15 19:59:16 UTC | Doc Text | A flaw was found in HAProxy where empty Content-Length headers are forwarded, possibly causing an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases. | A flaw was found in HAProxy. Empty Content-Length headers are forwarded, which could cause an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases. |
Back to bug 2231370