USN-5063-1: HAProxy vulnerabilities
08 September 2021
HAProxy could be made to expose sensitive information over the network.
- haproxy - fast and reliable load balancing reverse proxy
Ori Hollander discovered that HAProxy incorrectly handled HTTP header name
length encoding. A remote attacker could possibly use this issue to inject
a duplicate content-length header and perform request smuggling attacks.