Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0053: haproxy (ALINUX3-SA-2024:0053)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0053 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-0056: An uncontrolled resource...

9.1CVSS6.8AI score0.05493EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2024/04/17 1:35 p.m.139 views

Advisory ROSA-SA-2024-2400

Software: haproxy 2.6.15 OS: ROSA-CHROME packageevrstring: haproxy-2.6.15-1.src.rpm CVE-ID: CVE-2023-0836 BDU-ID: 2023-04833 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HAProxy server software is related to incomplete cleanup of temporary or auxiliary resources. Exploitation of the...

9.1CVSS7.7AI score0.05493EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.25 views

CentOS 9 : haproxy-2.4.22-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the haproxy-2.4.22-1.el9 build changelog. - An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8,...

7.5CVSS7.5AI score0.01201EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.27 views

EulerOS 2.0 SP11 : haproxy (EulerOS-SA-2023-2645)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8,...

7.5CVSS7.5AI score0.01201EPSS
Exploits0References2
OSV
OSV
added 2023/12/15 11:6 a.m.5 views

OESA-2023-1919 haproxy security update

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: An information lea...

8.2CVSS7.2AI score0.01526EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.48 views

Oracle Linux 9 : haproxy (ELSA-2023-6496)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-6496 advisory. 2.4.22-1 - Update to 2.4.22 2196530 2.4.17-7 - Fix uninitizalized resevered bytes CVE-2023-0836, 2180861 Tenable has extracted the preceding description block...

7.5CVSS7.3AI score0.01201EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2023/11/11 12:0 a.m.34 views

haproxy security and bug fix update

2.4.22-1 - Update to 2.4.22 2196530 2.4.17-7 - Fix uninitizalized resevered bytes CVE-2023-0836, 2180861...

7.5CVSS7AI score0.01201EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/07 8:18 a.m.37 views

Moderate: Red Hat Security Advisory: haproxy security and bug fix update

An update for haproxy is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS7.1AI score0.01201EPSS
Exploits0References5
OSV
OSV
added 2023/11/07 12:0 a.m.30 views

ALSA-2023:6496 Moderate: haproxy security and bug fix update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: data leak via fcgi requests CVE-2023-0836 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relate...

7.5CVSS7.4AI score0.01201EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.67 views

Moderate: haproxy security and bug fix update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: data leak via fcgi requests CVE-2023-0836 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relate...

7.5CVSS7.1AI score0.01201EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.28 views

Amazon Linux 2 : haproxy2 (ALASHAPROXY2-2023-002)

The version of haproxy2 installed on the remote host is prior to 2.2.17-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2HAPROXY2-2023-002 advisory. An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missi...

7.5CVSS6.8AI score0.04347EPSS
Exploits0References6
Amazon
Amazon
added 2023/09/25 12:0 a.m.3 views

Important: haproxy2

Issue Overview: An out-of-bounds read in dnsvalidatednsresponse in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer,...

7.5CVSS7AI score0.04347EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/09/05 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2023-2645)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01201EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/05 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2023-2687)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01201EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.32 views

Debian DSA-5388-1 : haproxy - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5388 advisory. It was reported that HAProxy, a fast and reliable load balancing reverse proxy, does not properly initialize connection buffers when encoding the FCGIBEGINREQUEST record. ...

7.5CVSS7.1AI score0.01201EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/04/14 12:0 a.m.27 views

Debian: Security Advisory (DSA-5388-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01201EPSS
Exploits0References4
Debian
Debian
added 2023/04/13 8:16 p.m.33 views

[SECURITY] [DSA 5388-1] haproxy security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5388-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2023 https://www.debian.org/security/faq -...

7.5CVSS7.5AI score0.01201EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/04/03 12:0 a.m.28 views

Ubuntu 22.04 LTS : HAProxy vulnerability (USN-5994-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5994-1 advisory. It was discovered that HAProxy incorrectly initialized certain connection buffers. A remote attacker could possibly use this issue to obtain sensitive information...

7.5CVSS7.3AI score0.01201EPSS
Exploits0References2
OSV
OSV
added 2023/03/29 12:0 a.m.8 views

CVE-2023-0836

An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGIBEGINREQUEST record. Sensitive data may be disclos...

7.5CVSS7.3AI score0.01201EPSS
Exploits0References4
CVE
CVE
added 2023/03/29 12:0 a.m.200 views

CVE-2023-0836

CVE-2023-0836 is an information-leak in HAProxy. The vulnerability affects HAProxy releases up to: 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, and 2.7 before 2.7.1, where 5 bytes remain uninitialized in the connection buffer when encoding the FCGI_BEGIN_RE...

7.5CVSS7.2AI score0.01201EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder