CVE-2021-39242

Published: 2021-08-17T19:15Z

Last Modified: 2024-11-21T06:18Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt