1990 matches found
Fedora: Security Advisory for golang-github-haproxytech-dataplaneapi (FEDORA-2022-3a63897745)
The remote host is missing an update for the...
[SECURITY] Fedora 35 Update: golang-github-haproxytech-client-native-2.5.3-2.fc35
Go client for HAProxy configuration and runtime API...
CVE-2022-0711 affecting package haproxy for versions less than 2.4.13-1
CVE-2022-0711 affecting package haproxy for versions less than 2.4.13-1. A patched version of the package is available...
haproxy: Denial of service via set-cookie2 header
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerabili...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.7.49 security update
Red Hat OpenShift Container Platform release 4.7.49 is now available with updates to packages and images that fix several bugs and add enhancements. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.49. Red Hat Product Security has rated this update as having a...
RHEL 7 / 8 : OpenShift Container Platform 4.7.49 (RHSA-2022:1336)
The remote Red Hat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1336 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...
Vulnerability fixed in HAProxy
A vulnerability has been fixed in HAProxy. A malicious party could exploit the vulnerability to cause a denial-of-service. By sending a specifically prepared HTTP response, the application will enter a loop and thus become unreachable. -= Debian =- Debian has made updates to haproxy...
CVE-2021-4047
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package; however, the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9...
Design/Logic Flaw
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package; however, the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9...
CVE-2021-4047
CVE-2021-4047 notes that OpenShift 4.9.6 patching omitted CVE-2021-39242 for haproxy. Public sources confirm CVE-2021-39242 is a haproxy HTTP Host header mismatch issue (affecting versions prior to 2.2.16/2.3.13/2.4.3) with potential security bypass implications; IBM Red Hat/Amazon/Linux advisori...
PT-2022-11247 · Red Hat · Red Hat Openshift
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift version 4.9 Description: The issue affects Red Hat OpenShift due to a missing patch for a specific fix in the haproxy package. Recommendations: For Red Hat OpenShift version 4.9, ensure the haproxy package is updated to...
Inconsistent Interpretation of HTTP Requests in twisted.web
The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230: 1. The Content-Length header value could have a + or - prefix. 2. Illegal characters were permitted in chunked extensions, such as the LF \n...
GHSA-C2JG-HW38-JRQQ Inconsistent Interpretation of HTTP Requests in twisted.web
The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230: 1. The Content-Length header value could have a + or - prefix. 2. Illegal characters were permitted in chunked extensions, such as the LF \n...
GHSA-H99W-9Q5R-GJQ9 Puma vulnerable to HTTP Request Smuggling
When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The following...
Puma vulnerable to HTTP Request Smuggling
When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The following...
Important Photon OS Security Update - PHSA-2022-4.0-0167
Updates of 'haproxy', 'libxml2' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2022-0167
Updates of 'libxml2', 'haproxy' packages of Photon OS have been released...