Important Photon OS Security Update - PHSA-2021-4.0-0092

Updates of 'haproxy', 'cpio' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2021-0293

Updates of 'haproxy', 'dnsmasq' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2021-3.0-0293

Updates of 'dnsmasq', 'haproxy' packages of Photon OS have been released...

Fedora: Security Advisory for haproxy (FEDORA-2021-3ab4512c98)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for haproxy (FEDORA-2021-e6557245e8)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 33 Update: haproxy-2.2.16-1.fc33

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

[SECURITY] Fedora 34 Update: haproxy-2.3.13-1.fc34

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

Privilege Escalation

HAProxy is vulnerable to privilege escalation. The vulnerability exists due to a flaw in HTTP method name that when it contains a space followed by the name of a protected resource, it is possible that a server would interpret this as a request for that protected resource, such as in the "GET...

Authorization Bypass

haproxy is vulnerable to authorization bypass. Lack of validation of the HTTP Host header could potentially result in bypass of access controls due to a mishandling of the Host and authority...

Insecure URL Path

HAProxy has insecure path. The vulnerability exists due to the system not ensuring that the scheme and path portions of a URI have the expected characters...

openSUSE: Security Advisory for haproxy (openSUSE-SU-2021:1167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : haproxy (openSUSE-SU-2021:1167-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1167-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C...

OPENSUSE-SU-2021:1167-1 Security update for haproxy

This update for haproxy fixes the following issues: - Fixes HAProxy vulnerabilities on H2 bsc1189366. This update was imported from the SUSE:SLE-15-SP1:Update update project...

openSUSE 15 Security Update : haproxy (openSUSE-SU-2021:2773-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:2773-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C...

SUSE SLES15 Security Update : haproxy (SUSE-SU-2021:2773-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:2773-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C...

Security update for haproxy (important)

openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2021:1167-1 Rating: important References: 1189366 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for haproxy fixes the following issues: ...

openSUSE: Security Advisory for haproxy (openSUSE-SU-2021:2773-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2021:2773-1 Security update for haproxy

This update for haproxy fixes the following issues: - Fixes HAProxy vulnerabilities on H2 bsc1189366...

SUSE-SU-2021:2773-1 Security update for haproxy

This update for haproxy fixes the following issues: - Fixes HAProxy vulnerabilities on H2 bsc1189366...

CVE-2021-39242

haproxy was found to be vulnerable to HTTP host header attack: This problem creates a scenario in which it's possible to drop the Host header and use the authority only after forwarding to a second http2 layer, possibly causing two differing values of Host at a different stage. The highest threat...