ACL against CVE-2021-44228?

Rfraile · December 13, 2021, 9:53am

Hello,

Does anyone have a fine tested acl to setup against CVE-2021-44228?

Taking the info from this good explanation, a match against any header or body content looking for the pattern “jndi” seems to block the request.

Thanks,

shadyabhi · December 14, 2021, 7:06pm

JB-87 · December 15, 2021, 11:38am

Hello Haproxy Friends,

Is there also a solution for haproxy 1.5?

Greetings

Topic		Replies	Views
Random ACL missmatch Help!	6	1067	June 6, 2020
Help building an ACL Help!	0	579	January 23, 2017
Is haproxy impacted by CVE-2022-37434? Help!	1	306	November 24, 2022
Configuring virtual ACL and Map files Help!	2	59	August 13, 2024
My SNI routing does not seem to work - is there some option to debug ACL rule? Help!	6	1261	January 19, 2024