- Vulnerability/
- USN-6294-2
USN-6294-2: HAProxy vulnerability
First published: Thu Aug 17 2023(Updated: )
USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length headers. A remote attacker could possibly use this issue to manipulate the payload and bypass certain restrictions.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/haproxy | <2.0.31-0ubuntu0.2 | 2.0.31-0ubuntu0.2 |
| =20.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this HAProxy vulnerability?
The vulnerability ID for this HAProxy vulnerability is USN-6294-2.
What is the severity of USN-6294-2?
The severity of USN-6294-2 has not been disclosed in the provided information.
What software is affected by USN-6294-2?
The software affected by USN-6294-2 is HAProxy version 2.0.31-0ubuntu0.2 on Ubuntu 20.04 LTS.
How do I fix the USN-6294-2 vulnerability?
To fix the USN-6294-2 vulnerability, update HAProxy to version 2.0.31-0ubuntu0.2 or higher.
Where can I find more information about USN-6294-2?
More information about USN-6294-2 can be found at the following references: [CVE-2023-40225](https://ubuntu.com/security/CVE-2023-40225), [USN-6294-1](https://ubuntu.com/security/notices/USN-6294-1), [Launchpad](https://launchpad.net/ubuntu/+source/haproxy/2.0.31-0ubuntu0.2).
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- anchor-related/USN-6294-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/20.04