rpm package
suse/haproxy&distro=SUSE Linux Enterprise High Availability Extension 15 SP1
pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-45539 | — | < 2.0.31-150100.8.34.1 | 2.0.31-150100.8.34.1 | Nov 28, 2023 | HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server. | ||
| CVE-2023-40225 | — | < 2.0.31-150100.8.34.1 | 2.0.31-150100.8.34.1 | Aug 10, 2023 | HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAP | ||
| CVE-2023-0056 | — | < 2.0.31-150100.8.31.1 | 2.0.31-150100.8.31.1 | Mar 23, 2023 | An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. | ||
| CVE-2023-25725 | — | < 2.0.31-150100.8.31.1 | 2.0.31-150100.8.31.1 | Feb 14, 2023 | HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers an | ||
| CVE-2021-40346 | — | < 2.0.14-8.23.1 | 2.0.14-8.23.1 | Sep 8, 2021 | An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. | ||
| CVE-2020-11100 | — | < 2.0.10+git0.ac198b92-8.12.1 | 2.0.10+git0.ac198b92-8.12.1 | Apr 2, 2020 | In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution. | ||
| CVE-2019-18277 | — | < 2.0.10+git0.ac198b92-8.8.1 | 2.0.10+git0.ac198b92-8.8.1 | Oct 23, 2019 | A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct a | ||
| CVE-2019-14241 | — | < 2.0.5+git0.d905f49a-8.3.5 | 2.0.5+git0.d905f49a-8.3.5 | Jul 23, 2019 | HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c. |
- CVE-2023-45539Nov 28, 2023affected < 2.0.31-150100.8.34.1fixed 2.0.31-150100.8.34.1
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
- CVE-2023-40225Aug 10, 2023affected < 2.0.31-150100.8.34.1fixed 2.0.31-150100.8.34.1
HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAP
- CVE-2023-0056Mar 23, 2023affected < 2.0.31-150100.8.31.1fixed 2.0.31-150100.8.31.1
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
- CVE-2023-25725Feb 14, 2023affected < 2.0.31-150100.8.31.1fixed 2.0.31-150100.8.31.1
HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers an
- CVE-2021-40346Sep 8, 2021affected < 2.0.14-8.23.1fixed 2.0.14-8.23.1
An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.
- CVE-2020-11100Apr 2, 2020affected < 2.0.10+git0.ac198b92-8.12.1fixed 2.0.10+git0.ac198b92-8.12.1
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
- CVE-2019-18277Oct 23, 2019affected < 2.0.10+git0.ac198b92-8.8.1fixed 2.0.10+git0.ac198b92-8.8.1
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct a
- CVE-2019-14241Jul 23, 2019affected < 2.0.5+git0.d905f49a-8.3.5fixed 2.0.5+git0.d905f49a-8.3.5
HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.