890b79ced3
"A vulnerability was found that makes it possible to abuse the HTTP/2 parser, allowing an attacker to prepend hostnames to a request, append top-level domains to an existing domain, and inject invalid characters through the :method pseudo-header." https://www.haproxy.com/blog/august-2021-haproxy-2-0-http-2-vulnerabilities-fixed/