{ "threat_severity" : "Moderate", "public_date" : "2023-04-11T00:00:00Z", "bugzilla" : { "description" : "haproxy: malformed HTTP header field name can lead to HTTP request/response smuggling", "id" : "2185854", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2185854" }, "cvss3" : { "cvss3_base_score" : "7.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "status" : "draft" }, "cwe" : "CWE-444", "details" : [ "HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition." ], "package_state" : [ { "product_name" : "Red Hat Ceph Storage 5", "fix_state" : "Not affected", "package_name" : "haproxy", "cpe" : "cpe:/a:redhat:ceph_storage:5" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "haproxy", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "haproxy", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "haproxy", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "fix_state" : "Out of support scope", "package_name" : "haproxy", "cpe" : "cpe:/a:redhat:openshift:3.11" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "haproxy", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Will not fix", "package_name" : "rh-haproxy18-haproxy", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-25950\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-25950" ], "name" : "CVE-2023-25950", "csaw" : false }