Unrated severityNVD Advisory· Published Nov 27, 2019· Updated Aug 5, 2024
CVE-2019-19330
CVE-2019-19330
Description
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- HAProxy/HAProxydescription
Patches
Vulnerability mechanics
References
8- security.gentoo.org/glsa/202004-01mitrevendor-advisoryx_refsource_GENTOO
- usn.ubuntu.com/4212-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2019/dsa-4577mitrevendor-advisoryx_refsource_DEBIAN
- git.haproxy.orgmitrex_refsource_MISC
- git.haproxy.orgmitrex_refsource_MISC
- git.haproxy.orgmitrex_refsource_MISC
- seclists.org/bugtraq/2019/Nov/45mitremailing-listx_refsource_BUGTRAQ
- tools.ietf.org/html/rfc7540mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.