16 matches found
RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:1287)
The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1287 advisory. - haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value CVE-2019-18277 - haprox...
RHEL 7 : rh-haproxy18-haproxy (RHSA-2020:2265)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2265 advisory. HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. The following packages have been upgrad...
Security Bulletin: HAProxy vulnerability CVE-2019-19330 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0
Summary HAProxy vulnerability CVE-2019-19330 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer...
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2020-1904)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : haproxy (EulerOS-SA-2020-1904)
According to the versions of the haproxy package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return CR, ASCII 0x...
HAProxy HTTP2 CRLF Injection (CVE-2019-19330)
A CRLF injection vulnerability exists in HAProxy HTTP2 module. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
EulerOS 2.0 SP8 : haproxy (EulerOS-SA-2020-1805)
According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return CR, ASCII 0xd, line feed LF, ASCII 0xa...
RHEL 7 / 8 : OpenShift Container Platform 4.4.3 haproxy (RHSA-2020:1936)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1936 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.4.3 haproxy security update
An update for haproxy is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : haproxy (RHSA-2020:1725)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1725 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. The following packages...
Critical: Red Hat Security Advisory: OpenShift Container Platform 3.11 security update
Red Hat OpenShift Container Platform release 3.11.200 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Photon OS 3.0: Haproxy PHSA-2020-3.0-0047
An update of the haproxy package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0047. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid133064;...
Ubuntu: Security Advisory (USN-4212-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4577-1 : haproxy - security update
Tim Dusterhus discovered that haproxy, a TCP/HTTP reverse proxy, did not properly sanitize HTTP headers when converting from HTTP/2 to HTTP/1. This would allow a remote user to perform CRLF injections. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
CVE-2019-19330
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return CR, ASCII 0xd, line feed LF, ASCII 0xa, and the zero character NUL, ASCII 0x0, aka Intermediary Encapsulation Attacks...
CVE-2019-19330
CVE-2019-19330 affects the HAProxy HTTP/2 implementation. Affected component is the HTTP/2 header handling, which mishandles headers containing CR (0x0D), LF (0x0A), or NUL (0x00), enabling what is described as Intermediary Encapsulation Attacks. The vulnerability is exploitable via crafted HTTP/...