5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
67.5%
HAProxy provides high availability, load balancing, and proxying for TCP
and HTTP-based applications.
An implementation error related to the memory management of request and
responses was found within HAProxy’s buffer_slow_realign() function.
An unauthenticated remote attacker could possibly use this flaw to leak
certain memory buffer contents from a past request or session.
(CVE-2015-3281)
All haproxy users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | src | haproxy | < 1.5.4-2.el6_7.1 | haproxy-1.5.4-2.el6_7.1.src.rpm |
RedHat | 6 | x86_64 | haproxy | < 1.5.4-2.el6_7.1 | haproxy-1.5.4-2.el6_7.1.x86_64.rpm |
RedHat | 7 | x86_64 | haproxy-debuginfo | < 1.5.4-4.el7_1.1 | haproxy-debuginfo-1.5.4-4.el7_1.1.x86_64.rpm |
RedHat | 6 | i686 | haproxy-debuginfo | < 1.5.4-2.el6_7.1 | haproxy-debuginfo-1.5.4-2.el6_7.1.i686.rpm |
RedHat | 6 | x86_64 | haproxy-debuginfo | < 1.5.4-2.el6_7.1 | haproxy-debuginfo-1.5.4-2.el6_7.1.x86_64.rpm |
RedHat | 7 | x86_64 | haproxy | < 1.5.4-4.el7_1.1 | haproxy-1.5.4-4.el7_1.1.x86_64.rpm |
RedHat | 6 | i686 | haproxy | < 1.5.4-2.el6_7.1 | haproxy-1.5.4-2.el6_7.1.i686.rpm |