Unrated severityNVD Advisory· Published Sep 4, 2024· Updated Mar 14, 2025
CVE-2024-45506
CVE-2024-45506
Description
HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19- osv-coords17 versionspkg:apk/chainguard/haproxy-2.9pkg:apk/chainguard/haproxy-2.9-docpkg:apk/chainguard/haproxy-2.9-iamguarded-compatpkg:apk/chainguard/haproxy-2.9-oci-entrypointpkg:apk/chainguard/haproxy-3.0pkg:apk/chainguard/haproxy-3.0-docpkg:apk/chainguard/haproxy-3.0-iamguarded-compatpkg:apk/chainguard/haproxy-3.0-nocapspkg:apk/chainguard/haproxy-3.0-oci-entrypointpkg:apk/wolfi/haproxy-2.9pkg:apk/wolfi/haproxy-2.9-docpkg:apk/wolfi/haproxy-2.9-oci-entrypointpkg:apk/wolfi/haproxy-3.0pkg:apk/wolfi/haproxy-3.0-docpkg:apk/wolfi/haproxy-3.0-oci-entrypointpkg:bitnami/haproxypkg:rpm/opensuse/haproxy&distro=openSUSE%20Tumbleweed
< 2.9.10-r0+ 16 more
- (no CPE)range: < 2.9.10-r0
- (no CPE)range: < 2.9.10-r0
- (no CPE)range: < 2.9.10-r0
- (no CPE)range: < 2.9.10-r0
- (no CPE)range: < 3.0.4-r0
- (no CPE)range: < 3.0.4-r0
- (no CPE)range: < 3.0.4-r0
- (no CPE)range: < 3.0.4-r0
- (no CPE)range: < 3.0.4-r0
- (no CPE)range: < 2.9.10-r0
- (no CPE)range: < 2.9.10-r0
- (no CPE)range: < 2.9.10-r0
- (no CPE)range: < 3.0.4-r0
- (no CPE)range: < 3.0.4-r0
- (no CPE)range: < 3.0.4-r0
- (no CPE)range: >= 2.9.0, < 2.9.10
- (no CPE)range: < 3.0.4+git0.7a59afa93-1.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.