rpm package
opensuse/haproxy&distro=openSUSE Leap 15.0
pkg:rpm/opensuse/haproxy&distro=openSUSE%20Leap%2015.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-18277 | — | < 2.0.10+git0.ac198b92-lp150.2.16.1 | 2.0.10+git0.ac198b92-lp150.2.16.1 | Oct 23, 2019 | A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct a | ||
| CVE-2019-14241 | — | < 2.0.5+git0.d905f49a-lp150.2.13.1 | 2.0.5+git0.d905f49a-lp150.2.13.1 | Jul 23, 2019 | HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c. |
- CVE-2019-18277Oct 23, 2019affected < 2.0.10+git0.ac198b92-lp150.2.16.1fixed 2.0.10+git0.ac198b92-lp150.2.16.1
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct a
- CVE-2019-14241Jul 23, 2019affected < 2.0.5+git0.d905f49a-lp150.2.13.1fixed 2.0.5+git0.d905f49a-lp150.2.13.1
HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.