Medium severity 5.3 · NVD Advisory · Published Nov 28, 2024 · Updated Apr 15, 2026
CVE-2024-53008
Description
Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As a result, the attacker may obtain sensitive information.
Affected products (24)
osv-coords, 22 versions:
- pkg:apk/chainguard/haproxy-2.6 (no CPE), range: < 2.6.20-r0
- pkg:apk/chainguard/haproxy-2.6-doc (no CPE), range: < 2.6.20-r0
- pkg:apk/chainguard/haproxy-2.6-iamguarded-compat (no CPE), range: < 2.6.20-r0
- pkg:apk/chainguard/haproxy-2.6-nocaps (no CPE), range: < 2.6.20-r0
- pkg:apk/chainguard/haproxy-2.6-oci-entrypoint (no CPE), range: < 2.6.20-r0
- pkg:apk/chainguard/haproxy-2.8 (no CPE), range: < 2.8.13-r0
- pkg:apk/chainguard/haproxy-2.8-doc (no CPE), range: < 2.8.13-r0
- pkg:apk/chainguard/haproxy-2.8-iamguarded-compat (no CPE), range: < 2.8.13-r0
- pkg:apk/chainguard/haproxy-2.8-nocaps (no CPE), range: < 2.8.13-r0
- pkg:apk/chainguard/haproxy-2.8-oci-entrypoint (no CPE), range: < 2.8.13-r0
- pkg:apk/chainguard/haproxy-2.9 (no CPE), range: < 2.9.10-r0
- pkg:apk/chainguard/haproxy-2.9-doc (no CPE), range: < 2.9.10-r0
- pkg:apk/chainguard/haproxy-2.9-iamguarded-compat (no CPE), range: < 2.9.10-r0
- pkg:apk/chainguard/haproxy-2.9-oci-entrypoint (no CPE), range: < 2.9.10-r0
- pkg:apk/wolfi/haproxy-2.9 (no CPE), range: < 2.9.10-r0
- pkg:apk/wolfi/haproxy-2.9-doc (no CPE), range: < 2.9.10-r0
- pkg:apk/wolfi/haproxy-2.9-oci-entrypoint (no CPE), range: < 2.9.10-r0
- pkg:bitnami/haproxy (no CPE), range: >= 2.6.0, < 2.9.10
- pkg:rpm/opensuse/haproxy&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 2.8.11+git0.01c1056a4-150600.3.3.1
- pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6 (no CPE), range: < 2.8.11+git0.01c1056a4-150600.3.3.1
- pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Micro%206.0 (no CPE), range: < 2.8.11+git0.01c1056a4-1.1
- pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Micro%206.1 (no CPE), range: < 2.8.11+git0.01c1056a4-slfo.1.1_1.1
References (6)
News mentions (0)
No linked articles in our index yet.