1990 matches found
OPENSUSE-SU-2020:0444-1 Security update for haproxy
This update for haproxy fixes the following issues: - CVE-2020-11100: Fixed an H2/HPAC vulnerability ch might have allowed arbitrary writes into a 32-bit relative address space bsc1168023. This update was imported from the SUSE:SLE-15-SP1:Update update project...
Security update for haproxy (important)
openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2020:0444-1 Rating: important References: 1168023 Cross-References: CVE-2020-11100 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for haproxy...
Denial Of Service (DoS)
haproxy is vulnerable to denial of service DoS. The vulnerability exists through malformed HTTP/2 requests that can lead to out-of-bounds writes...
FreeBSD : HAproxy -- serious vulnerability affecting the HPACK decoder used for HTTP/2 (7f829d44-7509-11ea-b47c-589cfc0f81b0)
The HAproxy Project reports : The main driver for this release is that it contains a fix for a serious vulnerability that was responsibly reported last week by Felix Wilhelm from Google Project Zero, affecting the HPACK decoder used for HTTP/2. CVE-2020-11100 was assigned to this issue. C Tenable...
HAProxy Buffer Overflow Vulnerability
HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer and 7-layer proxy , and can support tens of thousands of level of connections , with high efficiency , stability and other characteristics . A security vulnerability exists in the...
DEBIAN-CVE-2020-11100
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
CVE-2020-11100
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
ALPINE-CVE-2020-11100
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
CVE-2020-11100
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
Remote code execution
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
CVE-2020-11100
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
CVE-2020-11100
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
CVE-2020-11100
HAProxy CVE-2020-11100 involves an out-of-bounds write in the HPACK decoder ({Hpack_dht_insert} in {hpack-tbl.c}) that could allow a remote attacker to execute code via a crafted HTTP/2 request. Amazon Linux 2 advisory ALAS2HAPROXY2-2023-006 confirms the fix in haproxy2 2.1.4-1 (haproxy2 package)...
EUVD-2020-3458
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
CVE-2020-11100
In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...
haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes
A flaw was found in the way HAProxy processed certain HTTP/2 request packets. This flaw allows an attacker to send crafted HTTP/2 request packets, which cause memory corruption, leading to a crash or potential remote arbitrary code execution with the permissions of the user running HAProxy...
Critical: Red Hat Security Advisory: haproxy security update
An update for haproxy is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes
A flaw was found in the way HAProxy processed certain HTTP/2 request packets. This flaw allows an attacker to send crafted HTTP/2 request packets, which cause memory corruption, leading to a crash or potential remote arbitrary code execution with the permissions of the user running HAProxy...
Critical: Red Hat Security Advisory: rh-haproxy18-haproxy security update
An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes
A flaw was found in the way HAProxy processed certain HTTP/2 request packets. This flaw allows an attacker to send crafted HTTP/2 request packets, which cause memory corruption, leading to a crash or potential remote arbitrary code execution with the permissions of the user running HAProxy...