5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
71.3%
Charlie Smurthwaite of aTech Media discovered a flaw in HAProxy, a fast
and reliable load balancing reverse proxy, when HTTP pipelining is used.
A client can take advantage of this flaw to cause data corruption and
retrieve uninitialized memory contents that exhibit data from a past
request or session.
For the stable distribution (jessie), this problem has been fixed in
version 1.5.8-3+deb8u1.
For the unstable distribution (sid), this problem has been fixed in
version 1.5.14-1.
We recommend that you upgrade your haproxy packages.
CPE | Name | Operator | Version |
---|---|---|---|
haproxy | eq | 1.5.8-3 | |
haproxy | eq | 1.5.8-3+deb8u1~bpo60+1 | |
haproxy | eq | 1.5.8-3+deb8u1~bpo70+1 |