Search for vulnerabilities
Vulnerability details: VCID-f4hp-kvfb-3bd2
Vulnerability ID VCID-f4hp-kvfb-3bd2
Aliases CVE-2019-18277
Summary A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18277.json
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
epss 0.01471 https://api.first.org/data/v1/epss?cve=CVE-2019-18277
cvssv3 5.9 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2019-18277
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2019-18277
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00019.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18277.json
https://api.first.org/data/v1/epss?cve=CVE-2019-18277
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18277
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=196a7df44d8129d1adc795da020b722614d6a581
https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html
https://nathandavison.com/blog/haproxy-http-request-smuggling
https://www.mail-archive.com/haproxy%40formilux.org/msg34926.html
1759697 https://bugzilla.redhat.com/show_bug.cgi?id=1759697
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
CVE-2019-18277 https://nvd.nist.gov/vuln/detail/CVE-2019-18277
RHSA-2020:1287 https://access.redhat.com/errata/RHSA-2020:1287
RHSA-2020:1725 https://access.redhat.com/errata/RHSA-2020:1725
RHSA-2020:1936 https://access.redhat.com/errata/RHSA-2020:1936
RHSA-2020:2265 https://access.redhat.com/errata/RHSA-2020:2265
USN-4174-1 https://usn.ubuntu.com/4174-1/
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18277.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-18277
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-18277
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.79996
EPSS Score 0.01471
Published At June 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-01T12:11:25.280177+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/4174-1/ 36.1.3