7 matches found
openSUSE 16 Security Update : haproxy (openSUSE-SU-2026:21245-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21245-1 advisory. This update for haproxy fixes the following issues - Update to version 3.2.21+git0.dbe43be37 - CVE-2026-55203: integer overflow vulnerability in...
CVE-2026-55203 vulnerabilities
Vulnerabilities for packages: haproxy...
SUSE-SU-2026:22544-1 Security update for haproxy
This update for haproxy fixes the following issues - Update to version 3.2.21+git0.dbe43be37 - CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. - CVE-2026-55204: null pointer dereference...
SUSE-SU-2026:22515-1 Security update for haproxy
This update for haproxy fixes the following issues - CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. - CVE-2026-55204: null pointer dereference vulnerability in hpackdhtinsert within...
SUSE CVE-2026-55203
HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...
DEBIAN-CVE-2026-55203
HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...
CVE-2026-55203
HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record...