In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.

nessus 18

osv 3

attackerkb 1

prion 1

veracode 1

alpinelinux 1

redhat 5

fedora 2

openvas 7

ubuntu 1

oraclelinux 2

cve 1

checkpoint_advisories 1

ibm 2

redhatcve 1

gentoo 1

archlinux 1

suse 1

debian 2

ubuntucve 1

debiancve 1

freebsd 1

photon 6

nessus

Photon OS 1.0: Haproxy PHSA-2020-1.0-0289

2020-04-28 00:00:00

Amazon Linux 2 : haproxy2 (ALASHAPROXY2-2023-006)

2023-09-27 00:00:00

RHEL 8 : haproxy (RHSA-2020:1288)

2020-04-02 00:00:00

osv

haproxy - security update

2020-04-02 00:00:00

CVE-2020-11100

2020-04-02 15:15:17

BIT-haproxy-2020-11100

2024-03-06 10:55:05

attackerkb

CVE-2020-11100

2020-04-02 00:00:00

prion

Remote code execution

2020-04-02 15:15:00

veracode

Denial Of Service (DoS)

2020-04-03 00:40:38

alpinelinux

CVE-2020-11100

2020-04-02 15:15:00

redhat

(RHSA-2020:1290) Critical: rh-haproxy18-haproxy security update

2020-04-02 13:14:55

(RHSA-2020:1288) Critical: haproxy security update

2020-04-02 13:18:23

(RHSA-2020:1289) Critical: haproxy security update

2020-04-02 13:18:58

fedora

[SECURITY] Fedora 30 Update: haproxy-1.8.25-1.fc30

2020-04-11 21:51:58

[SECURITY] Fedora 31 Update: haproxy-2.0.14-1.fc31

2020-04-28 02:56:24

openvas

Fedora: Security Advisory for haproxy (FEDORA-2020-16cd111544)

2020-04-12 00:00:00

Ubuntu: Security Advisory (USN-4321-1)

2020-04-08 00:00:00

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2020-1709)

2020-06-26 00:00:00

ubuntu

HAProxy vulnerability

2020-04-07 00:00:00

oraclelinux

haproxy security update

2020-04-02 00:00:00

haproxy security, bug fix, and enhancement update

2020-05-05 00:00:00

cve

CVE-2020-11100

2020-04-02 15:15:00

checkpoint_advisories

HAProxy HTTP2 HPACK Remote Code Execution (CVE-2020-11100)

2020-08-02 00:00:00

ibm

Security Bulletin: HAProxy vulnerability CVE-2020-11100 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

2020-12-10 23:21:25

Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access.

2024-01-09 20:33:04

redhatcve

CVE-2020-11100

2020-04-02 13:25:24

gentoo

HAProxy: Arbitrary code execution

2020-12-24 00:00:00

archlinux

[ASA-202004-7] haproxy: arbitrary code execution

2020-04-08 00:00:00

suse

Security update for haproxy (important)

2020-04-04 00:00:00

debian

[SECURITY] [DSA 4649-1] haproxy security update

2020-04-02 13:13:29

[SECURITY] [DSA 4649-1] haproxy security update

2020-04-02 13:13:49

ubuntucve

CVE-2020-11100

2020-04-02 00:00:00

debiancve

CVE-2020-11100

2020-04-02 15:15:00

freebsd

HAproxy -- serious vulnerability affecting the HPACK decoder used for HTTP/2

2020-04-02 00:00:00

photon

Important Photon OS Security Update - PHSA-2020-0227

2020-04-08 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0227

2020-04-08 00:00:00

Important Photon OS Security Update - PHSA-2020-0078

2020-04-08 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.8 High

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.6%

JSON

Related for CVELIST:CVE-2020-11100