It was discovered that HAProxy incorrectly handled URI components containing the hash character (#). A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "haproxy", "binary_version": "2.0.31-0ubuntu0.3" }, { "binary_name": "haproxy-dbgsym", "binary_version": "2.0.31-0ubuntu0.3" }, { "binary_name": "haproxy-doc", "binary_version": "2.0.31-0ubuntu0.3" }, { "binary_name": "vim-haproxy", "binary_version": "2.0.31-0ubuntu0.3" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "haproxy", "binary_version": "2.4.22-0ubuntu0.22.04.3" }, { "binary_name": "haproxy-dbgsym", "binary_version": "2.4.22-0ubuntu0.22.04.3" }, { "binary_name": "haproxy-doc", "binary_version": "2.4.22-0ubuntu0.22.04.3" }, { "binary_name": "vim-haproxy", "binary_version": "2.4.22-0ubuntu0.22.04.3" } ] }