Important Photon OS Security Update - PHSA-2021-0435

Updates of 'haproxy', 'httpd', 'libsepol', 'kubernetes' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2021-4.0-0104

Updates of 'haproxy' packages of Photon OS have been released...

Fedora: Security Advisory for haproxy (FEDORA-2021-cd5ee418f6)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for haproxy (FEDORA-2021-3493f9f6ab)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 33 Update: haproxy-2.2.17-1.fc33

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

[SECURITY] Fedora 34 Update: haproxy-2.3.14-1.fc34

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

HTTP Request Smuggling (HRS)

haproxy is vulnerable to HTTP request smuggling. The vulnerability exists due to a lack of sanitization which allows an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs...

Exploit for Integer Overflow or Wraparound in Haproxy

C...

Exploit for Integer Overflow or Wraparound in Haproxy

CVE-2021-40346-POC CVE-2021-40346 integer overflow enables...

Ubuntu: Security Advisory (USN-5063-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HAProxy input validation error vulnerability

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy=. =HAProxy suffers from an input validation error vulnerability, which stems from a lack of header name length checking in the htxaddheader and htxaddtrailer functions in HAProxy, and can be exploited by an...

Debian: Security Advisory (DSA-4968-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Integer Overflow or Wraparound in Haproxy

CVE-2021-40346 CVE-2021-40346 PoC HAProxy HTTP Smuggling Fo...

CVE-2021-40346

An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs...

CVE-2021-40346

An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs...

DEBIAN-CVE-2021-40346

An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs...

Integer overflow

An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs...

CVE-2021-40346

An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs...

CVE-2021-40346

CVE-2021-40346 affects HAProxy 2.0–2.5, due to an integer overflow in htx_add_header() , enabling an HTTP request smuggling attack that can bypass configured ACLs. The connected documents confirm the root cause and potential impact (HTTP request smuggling, ACL bypass). A public exploit/PoC is not...

CVE-2021-40346

An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs...