Lucene search
OracleLinuxELSA-2020-1725HistoryMay 05, 2020 - 12:00 a.m.
haproxy security, bug fix, and enhancement update
2020-05-0500:00:00
linux.oracle.com
13
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
[1.8.23-3]
- Fix hapack zero byte input causing overwrite (CVE-2020-11100, #1819519)
[1.8.23-2] - Consider exist status 143 as success (#1778844)
[1.8.23-1] - Update to 1.8.23 (#1774745)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | haproxy | < 1.8.23-3.el8 | haproxy-1.8.23-3.el8.src.rpm |
| oracle linux | 8 | aarch64 | haproxy | < 1.8.23-3.el8 | haproxy-1.8.23-3.el8.aarch64.rpm |
| oracle linux | 8 | src | haproxy | < 1.8.23-3.el8 | haproxy-1.8.23-3.el8.src.rpm |
| oracle linux | 8 | x86_64 | haproxy | < 1.8.23-3.el8 | haproxy-1.8.23-3.el8.x86_64.rpm |
Related
nessus
nessus
RHEL 7 / 8 : OpenShift Container Platform 4.4.3 haproxy (RHSA-2020:1936)
2020-05-05 00:00:00
RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:1287)
2023-01-23 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : haproxy (EulerOS-SA-2020-1904)
2020-08-28 00:00:00
redhat
redhat
openvas
openvas
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2020-1904)
2020-08-31 00:00:00
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2020-1805)
2020-07-31 00:00:00
Ubuntu: Security Advisory (USN-4212-1)
2019-12-05 00:00:00
osv
osv
CVE-2019-19330
2019-11-27 16:15:11
haproxy - security update
2019-11-28 00:00:00
CVE-2019-18277
2019-10-23 14:15:10
ubuntu
ubuntu
HAProxy vulnerability
2019-12-04 00:00:00
HAproxy vulnerability
2019-11-05 00:00:00
HAProxy vulnerability
2020-04-07 00:00:00
ibm
ibm
Security Bulletin: HAProxy vulnerability CVE-2019-19330 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0
2020-12-10 23:19:40
photon
photon
Important Photon OS Security Update - PHSA-2019-0038
2019-11-05 00:00:00
Important Photon OS Security Update - PHSA-2019-3.0-0038
2019-11-05 00:00:00
Critical Photon OS Security Update - PHSA-2019-0195
2019-12-09 00:00:00
cve
cve
alpinelinux
alpinelinux
CVE-2019-19330
2019-11-27 16:15:00
CVE-2020-11100
2020-04-02 15:15:00
redhatcve
redhatcve
ubuntucve
ubuntucve
checkpoint_advisories
checkpoint_advisories
HAProxy HTTP2 CRLF Injection (CVE-2019-19330)
2020-08-02 00:00:00
HaProxy HTTP Request Smuggling (CVE-2019-18277)
2020-07-28 00:00:00
HAProxy HTTP2 HPACK Remote Code Execution (CVE-2020-11100)
2020-08-02 00:00:00
debian
debian
[SECURITY] [DSA 4577-1] haproxy security update
2019-11-28 08:20:22
[SECURITY] [DSA 4577-1] haproxy security update
2019-11-28 08:20:22
[SECURITY] [DSA 4649-1] haproxy security update
2020-04-02 13:13:29
symantec
symantec
HAProxy CVE-2019-19330 CRLF Injection Vulnerability
2019-11-27 00:00:00
debiancve
debiancve
suse
suse
Security update for haproxy (important)
2019-12-05 00:00:00
Security update for haproxy (important)
2019-12-04 00:00:00
Security update for haproxy (important)
2020-04-04 00:00:00
prion
prion
Code injection
2019-10-23 14:15:00
Design/Logic Flaw
2019-11-27 16:15:00
Remote code execution
2020-04-02 15:15:00
veracode
veracode
HTTP Request Smuggling
2020-05-27 03:19:09
CRLF Injection
2020-05-06 03:21:44
Denial Of Service (DoS)
2020-04-03 00:40:38
gentoo
gentoo
HAProxy: Remote execution of arbitrary code
2020-04-01 00:00:00
HAProxy: Arbitrary code execution
2020-12-24 00:00:00
attackerkb
attackerkb
CVE-2020-11100
2020-04-02 00:00:00
oraclelinux
oraclelinux
haproxy security update
2020-04-02 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: haproxy-1.8.25-1.fc30
2020-04-11 21:51:58
[SECURITY] Fedora 31 Update: haproxy-2.0.14-1.fc31
2020-04-28 02:56:24
freebsd
freebsd
HAproxy -- serious vulnerability affecting the HPACK decoder used for HTTP/2
2020-04-02 00:00:00
archlinux
archlinux
[ASA-202004-7] haproxy: arbitrary code execution
2020-04-08 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1851
2021-07-02 17:04:24
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for ELSA-2020-1725