Lucene search

GoogleOSV:BIT-HAPROXY-2024-45506

HistorySep 16, 2024 - 11:52 a.m.

BIT-haproxy-2024-45506

2024-09-1611:52:22

Google

osv.dev

haproxy software vulnerability 2.9.x-3.1.x denial of service

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

JSON

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service.

References

git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=c725db17e8416ffb3c1537aea756356228ce5e3c

git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=d636e515453320c6e122c313c661a8ac7d387c7f

www.haproxy.org/

www.haproxy.org/download/3.1/src/CHANGELOG

www.mail-archive.com/haproxy%40formilux.org/msg45280.html

www.mail-archive.com/haproxy%40formilux.org/msg45281.html

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

JSON

Related for OSV:BIT-HAPROXY-2024-45506