39 matches found
RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:1287)
The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1287 advisory. - haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value CVE-2019-18277 - haprox...
MiracleLinux 8 : haproxy-1.8.15-6.el8.1 (AXSA:2020-172:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-172:01 advisory. haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes CVE-2020-11100 Tenable has extracted the preceding description block directly from the...
TencentOS Server 3: haproxy (TSSA-2022:0043)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0043 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2020-11100
creationtimestamp| type| source ---|---|--- 2024-10-31 01:40:27+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1336...
Photon OS 2.0: Haproxy PHSA-2020-2.0-0227
An update of the haproxy package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0227. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Amazon Linux 2 : haproxy2 (ALASHAPROXY2-2023-006)
The version of haproxy2 installed on the remote host is prior to 2.1.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2HAPROXY2-2023-006 advisory. In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write...
RHEL 7 : rh-haproxy18-haproxy (RHSA-2020:1290)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1290 advisory. HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Security Fixes: haproxy: malformed HTTP/2 reques...
GLSA-202012-22 : HAProxy: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-202012-22 HAProxy: Arbitrary code execution It was discovered that HAProxy incorrectly handled certain HTTP/2 headers. Impact : A remote attacker, by sending a specially crafted HTTP/2 request, could possibly execute arbitrary cod...
Security Bulletin: HAProxy vulnerability CVE-2020-11100 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0
Summary HAProxy vulnerability CVE-2020-11100 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer...
HAProxy HTTP2 HPACK Remote Code Execution (CVE-2020-11100)
A remote code execution vulnerability exists in HAProxy. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2020-1709)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : haproxy (EulerOS-SA-2020-1709)
According to the version of the haproxy package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can writ...
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2020-1580)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : haproxy (EulerOS-SA-2020-1580)
According to the version of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a...
haproxy security, bug fix, and enhancement update
1.8.23-3 - Fix hapack zero byte input causing overwrite CVE-2020-11100, 1819519 1.8.23-2 - Consider exist status 143 as success 1778844 1.8.23-1 - Update to 1.8.23 1774745...
RHEL 7 / 8 : OpenShift Container Platform 4.4.3 haproxy (RHSA-2020:1936)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1936 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.4.3 haproxy security update
An update for haproxy is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Fedora 30 : haproxy (2020-16cd111544)
Security fix for CVE-2020-11100 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...
Critical: Red Hat Security Advisory: OpenShift Container Platform 3.11 security update
Red Hat OpenShift Container Platform release 3.11.200 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
openSUSE Security Update : haproxy (openSUSE-2020-444)
This update for haproxy fixes the following issues : - CVE-2020-11100: Fixed an H2/HPAC vulnerability ch might have allowed arbitrary writes into a 32-bit relative address space bsc1168023. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. T...