OESA-2024-2548 haproxy security update

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: Inconsistent...

OESA-2024-2547 haproxy security update

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: Inconsistent...

OESA-2024-2546 haproxy security update

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: Inconsistent...

OESA-2024-2545 haproxy security update

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: Inconsistent...

Moderate Photon OS Security Update - PHSA-2024-5.0-0426

Updates of 'haproxy' packages of Photon OS have been released...

CLSA-2024-1733908866 Fix CVE(s): CVE-2023-25725

SECURITY UPDATE: The HTTP header parsers in HAProxy may accept empty header field names - debian/patches/CVE-2023-25725.patch: prevent empty header field names - CVE-2023-25725...

BIT-HAPROXY-2024-53008

Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...

Ubuntu: Security Advisory (USN-7135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7133-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7135-1: HAProxy vulnerability

Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions...

USN-7135-1 haproxy vulnerability

Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions...

USN-7133-1: HAProxy vulnerability

Yuki Mogi discovered that HAProxy incorrectly handled the interpretation of certain HTTP requests. A remote attacker could possibly use this issue to perform a request smuggling attack and obtain sensitive information...

USN-7133-1 haproxy vulnerability

Yuki Mogi discovered that HAProxy incorrectly handled the interpretation of certain HTTP requests. A remote attacker could possibly use this issue to perform a request smuggling attack and obtain sensitive information...

Ubuntu 16.04 LTS : HAProxy vulnerability (USN-7135-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7135-1 advisory. Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote...

Ubuntu 24.04 LTS : HAProxy vulnerability (USN-7133-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7133-1 advisory. Yuki Mogi discovered that HAProxy incorrectly handled the interpretation of certain HTTP requests. A remote attacker could possibly use this issue to perform a...

ROS-20241203-03

The HTTP request interpretation vulnerability in HAProxy is related to the ability to access a path that is restricted by an ACL access control list installed on the product. Exploitation of the vulnerability could Allow an attacker acting remotely to obtain sensitive information...

SUSE CVE-2024-53008

Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...

CVE-2024-53008

A flaw was found in HAProxy. This vulnerability allows a remote attacker to access a path restricted by the Access Control List ACL set on the product. As a result, the attacker may obtain sensitive information...

CVE-2024-53008 vulnerabilities

Vulnerabilities for packages: haproxy...

CVE-2024-53008

Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...