Ubuntu: Security Advisory (USN-5819-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5819-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled certain messages. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service...

USN-5819-1 haproxy vulnerability

It was discovered that HAProxy incorrectly handled certain messages. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service...

RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:1287)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1287 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

RHEL 7 : rh-haproxy18-haproxy (RHSA-2020:1290)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1290 advisory. HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Security Fixes: haproxy: malformed HTTP/2 reques...

RHEL 7 : rh-haproxy18-haproxy (RHSA-2020:2265)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2265 advisory. HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. The following packages have been upgrad...

Ubuntu 20.04 LTS / 22.04 LTS : HAProxy vulnerability (USN-5819-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5819-1 advisory. It was discovered that HAProxy incorrectly handled certain messages. A remote attacker could possibly use this issue to cause HAProxy to stop...

The vulnerability of the HTTP server software implementation in HAProxy arises from insufficient input validation, allowing attackers to compromise data integrity.

The vulnerability of the HTTP server software of HAProxy is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise data integrity from a remote location...

CVE-2023-0056

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability...

UBUNTU-CVE-2023-0056

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability...

CVE-2023-0056

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability...

VulnCheck KEV: CVE-2022-31137

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocessexecute function without processing the inputs received from the user in...

CVE-2022-41881

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service DoS...

Denial Of Service (DoS)

netty-codec-haproxy is vulnerable to Denial Of Service DoS. The vulnerability is due to a StackOverflowError in the HAProxyMessage.java as it does not properly limit the maximum nesting of TLV, allowing an attacker to cause an application crash via infinite recursion by passing a maliciously...

The vulnerability of the server software HAProxy, related to deficiencies in handling exceptional states, allows a perpetrator to compromise data integrity.

The vulnerability of the server software HAProxy is related to deficiencies in handling exceptional states. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

The vulnerability of the htx_add_header function in the include/haproxy/htx.h component of HAProxy’s server software allows a attacker to compromise data integrity.

The vulnerability of the htxaddheader function in the include/haproxy/htx.h component of HAProxy server software is related to integer overflow. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

The vulnerability of the server software HAProxy arises from executing a loop with an unavailable exit condition, allowing a attacker to cause a service failure.

The vulnerability of the server software HAProxy lies in the execution of a loop with an unavailable exit condition. Exploiting this vulnerability allows a malicious actor to cause service failures...

The vulnerability of the server software HAProxy, related to insufficient input data validation, allows attackers to gain access to confidential data.

The vulnerability of the server software HAProxy is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to gain access to confidential data...

haproxy bug fix and enhancement update

An update is available for haproxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.1...

haproxy bug fix and enhancement update

An update is available for haproxy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.7...