2108 matches found
CVE-2026-55203
A flaw was found in HAProxy. A malicious FastCGI Fast Common Gateway Interface backend can exploit an integer overflow vulnerability in the fcgiconn structure's drl field. This occurs when specific contentLength and paddingLength values cause the drl field to wrap to zero, leading to incorrect...
CVE-2026-55204
A flaw was found in HAProxy. An attacker can trigger HPACK dynamic table insertions under memory pressure, leading to a null pointer dereference in the hpackdhtinsert function. This can cause HAProxy worker processes to crash, resulting in a denial of service DoS. Mitigation Mitigation for this...
netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2TYPESSL type-length-value TLV records. This can lead to a memory leak, causing the underlying cumulation...
netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2TYPESSL TLV Type-Length-Value header. This can lead to an IndexOutOfBoundsException...
TencentOS Server 4: haproxy (TSSA-2026:0548)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0548 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
openSUSE 16 Security Update : haproxy (openSUSE-SU-2026:21245-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21245-1 advisory. This update for haproxy fixes the following issues - Update to version 3.2.21+git0.dbe43be37 - CVE-2026-55203: integer overflow vulnerability in...
CVE-2026-33555 vulnerabilities
Vulnerabilities for packages: haproxy...
GHSA-5MP8-RQ5M-PJ7M vulnerabilities
Vulnerabilities for packages: haproxy...
GHSA-58MJ-CMHG-35RG vulnerabilities
Vulnerabilities for packages: haproxy...
GHSA-4VJ2-5MVX-3VCC vulnerabilities
Vulnerabilities for packages: haproxy...
CVE-2026-55204 vulnerabilities
Vulnerabilities for packages: haproxy...
CVE-2026-55203 vulnerabilities
Vulnerabilities for packages: haproxy...
GHSA-58MJ-CMHG-35RG vulnerabilities
Vulnerabilities for packages: haproxy...
CVE-2026-55204 vulnerabilities
Vulnerabilities for packages: haproxy...
GHSA-4VJ2-5MVX-3VCC vulnerabilities
Vulnerabilities for packages: haproxy...
CVE-2026-55203 vulnerabilities
Vulnerabilities for packages: haproxy...
GHSA-5MP8-RQ5M-PJ7M vulnerabilities
Vulnerabilities for packages: haproxy...
CVE-2026-33555 vulnerabilities
Vulnerabilities for packages: haproxy...
SUSE-SU-2026:22557-1 Security update for haproxy
This update for haproxy fixes the following issues - Update to version 3.2.21+git0.dbe43be37 - CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. - CVE-2026-55204: null pointer dereference...
OPENSUSE-SU-2026:21245-1 Security update for haproxy
This update for haproxy fixes the following issues - Update to version 3.2.21+git0.dbe43be37 - CVE-2026-55203: integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as new FCGI record headers bsc1268557. - CVE-2026-55204: null pointer dereference...