11 matches found
RHEL 7 : rh-haproxy18-haproxy (RHSA-2018:2882)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2882 advisory. HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Security Fixes: haproxy: Out-of-bounds read in...
SUSE CVE-2018-14645
A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpackvalididx resulted in a remote crash and denial of service...
Fedora 29 : haproxy (2018-0b038c7047)
Update to 1.8.14, which includes fix for CVE-2018-14645. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 28 : haproxy (2018-381ab64b59)
Update to 1.8.14, which includes fix for CVE-2018-14645. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
RHEL 7 : Red Hat OpenShift Container Platform 3.10 (RHSA-2018:2709)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2709 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Security Bulletin: A Security Vulnerability affects IBM® Cloud Private Cloud Foundry (CVE-2018-14645)
Summary IBM Cloud Private Cloud Foundry is vulnerable to a security vulnerability Vulnerability Details CVEID: CVE-2018-14645 DESCRIPTION: HAProxy is vulnerable to a denial of service, caused by an out-of-bounds read access in hpackvalididx in the HPACK decoder. A remote attacker could exploit th...
openSUSE: Security Advisory for haproxy (openSUSE-SU-2018:3324-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : haproxy (openSUSE-2018-1229)
This update for haproxy to version 1.8.14 fixes the following issues : These security issues were fixed : - CVE-2018-14645: A flaw was discovered in the HPACK decoder what caused an out-of-bounds read in hpackvalididx that resulted in a remote crash and denial of service bsc1108683 -...
Security update for haproxy (important)
This update for haproxy to version 1.8.14 fixes the following issues: These security issues were fixed: - CVE-2018-14645: A flaw was discovered in the HPACK decoder what caused an out-of-bounds read in hpackvalididx that resulted in a remote crash and denial of service bsc1108683 - CVE-2018-11469...
SUSE-SU-2018:3249-1 Security update for haproxy
This update for haproxy to version 1.8.14 fixes the following issues: These security issues were fixed: - CVE-2018-14645: A flaw was discovered in the HPACK decoder what caused an out-of-bounds read in hpackvalididx that resulted in a remote crash and denial of service bsc1108683 - CVE-2018-11469...
CVE-2018-14645
HAProxy HPACK decoder in versions before 1.8.14 contains an out-of-bounds read in hpack_valid_idx(), leading to remote crash and denial of service. Affected: HAProxy’s HTTP/2 HPACK handling. Impact: remote crash/DoS. Mitigation: upgrade to HAProxy 1.8.14 or newer (as indicated by multiple advisor...