Medium severity5.9NVD Advisory· Published May 25, 2018· Updated Jun 17, 2026
CVE-2018-11469
CVE-2018-11469
Description
Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versionspkg:rpm/opensuse/haproxy&distro=openSUSE%20Tumbleweedpkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015
< 2.4.4+git0.acb1d0bea-1.2+ 1 more
- (no CPE)range: < 2.4.4+git0.acb1d0bea-1.2
- (no CPE)range: < 1.8.14~git0.52e4d43b-3.3.2
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/104347nvdThird Party AdvisoryVDB Entry
- usn.ubuntu.com/3663-1/nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:1436nvd
- git.haproxy.orgnvd
News mentions
0No linked articles in our index yet.