haproxy: it can lead to a situation with an attacker-controlled HTTP Host header because a mismatch between Host and authority is mishandled

haproxy was found to be vulnerable to HTTP host header attack: This problem creates a scenario in which it's possible to drop the Host header and use the authority only after forwarding to a second http2 layer, possibly causing two differing values of Host at a different stage. The highest threat...

The vulnerability of the software for ensuring high availability and load balancing for TCP and HTTP applications managed by Haproxy arises from the execution of a loop with an unreachable exit condition. This allows a attacker to cause a service failure.

The vulnerability of the software used for ensuring high availability and load balancing for TCP and HTTP applications managed by Haproxy is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a malicious actor to cause service failures...

openSUSE: Security Advisory for haproxy (openSUSE-SU-2021:1329-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE 15 Security Update : haproxy (openSUSE-SU-2021:1329-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1329-1 advisory. - An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing ...

OPENSUSE-SU-2021:1329-1 Security update for haproxy

This update for haproxy fixes the following issues: - CVE-2021-40346: Fixed request smuggling vulnerability in HTX bsc1189877. This update was imported from the SUSE:SLE-15-SP1:Update update project...

Security update for haproxy (moderate)

openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2021:1329-1 Rating: moderate References: 1189877 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for haproxy fixes the following issues: -...

Fedora: Security Advisory for haproxy (FEDORA-2021-b4bcf9141d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2021-1367 haproxy security update

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: An integer overflo...

SUSE SLES15 Security Update : haproxy (SUSE-SU-2021:3257-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:3257-1 advisory. - An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an...

SUSE SLES15 Security Update : haproxy (SUSE-SU-2021:3258-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:3258-1 advisory. - An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an...

SUSE-SU-2021:3258-1 Security update for haproxy

This update for haproxy fixes the following issues: - CVE-2021-40346: Fixed request smuggling vulnerability in HTX bsc1189877...

SUSE-SU-2021:3257-1 Security update for haproxy

This update for haproxy fixes the following issues: - CVE-2021-40346: Fixed request smuggling vulnerability in HTX bsc1189877...

Photon OS 2.0: Haproxy PHSA-2021-2.0-0393

An update of the haproxy package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0393. The text itself is copyright C VMware, Inc...

Photon OS 4.0: Haproxy PHSA-2021-4.0-0104

An update of the haproxy package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0104. The text itself is copyright C VMware, Inc...

Photon OS 3.0: Haproxy PHSA-2021-3.0-0303

An update of the haproxy package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0303. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Photon OS 1.0: Haproxy PHSA-2021-1.0-0435

An update of the haproxy package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0435. The text itself is copyright C VMware, Inc...

Important Photon OS Security Update - PHSA-2021-3.0-0303

Updates of 'libsepol', 'consul', 'haproxy', 'libtiff', 'kubernetes' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2021-0303

Updates of 'consul', 'libsepol', 'kubernetes', 'haproxy', 'libtiff' packages of Photon OS have been released...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0435

An update of 'haproxy', 'kubernetes', 'libsepol', 'httpd' packages of Photon OS has been released...

Important Photon OS Security Update - PHSA-2021-0104

Updates of 'haproxy' packages of Photon OS have been released...