1988 matches found
DEBIAN-CVE-2024-53008
Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...
CVE-2024-53008
Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...
CVE-2024-53008
Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...
CVE-2024-53008
CVE-2024-53008 is confirmed in multiple advisories affecting HAProxy across Linux distributions (Amazon Linux 2023, EulerOS 2.0 SP12, Photon OS 4, TencentOS Server 4, Astra Linux). The issue is described as an insecure interpretation of HTTP requests (HTTP Request/Response Smuggling) that may all...
CVE-2024-53008
Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...
UBUNTU-CVE-2024-53008
Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...
HAProxy vulnerable to HTTP request/response smuggling
Overview HAProxy HTTP/3 implementation contains an issue on accepting malformed HTTP headers. When a request including malformed HTTP headers is forwarded to a HTTP/1.1 non-compliant back-end server, it is exploited to conduct an HTTP request/response smuggling attack CWE-444. Yuki Mogi of FFRI...
PT-2024-8962 · Haproxy +6 · Haproxy +6
Name of the Vulnerable Software and Affected Versions: HAProxy affected versions not specified Description: The issue is related to an inconsistent interpretation of HTTP requests, also known as 'HTTP Request/Response Smuggling' or 'Contrabando de solicitudes/respuestas HTTP'. This allows a remot...
HAProxy 环境问题漏洞
HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides Layer 4 and Layer 7 proxies and can support tens of thousands of connection levels with high efficiency and stability. HAProxy suffers from an environmental issue vulnerability that stems...
JVN#88385716: HAProxy vulnerable to HTTP request/response smuggling
HAProxy HTTP/3 implementation contains an issue on accepting malformed HTTP headers. When a request including malformed HTTP headers is forwarded to a HTTP/1.1 non-compliant back-end server, it is exploited to conduct an HTTP request/response smuggling attack CWE-444. Impact A remote attacker may...
RHSA-2024:10271 Red Hat Security Advisory: haproxy security update
Bulletin has no description...
RHSA-2024:10267 Red Hat Security Advisory: haproxy security update
Bulletin has no description...
Moderate: Red Hat Security Advisory: haproxy security update
An update for haproxy is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
Moderate: Red Hat Security Advisory: haproxy security update
An update for haproxy is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : haproxy (RHSA-2024:10267)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:10267 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy:...
RHEL 8 : haproxy (RHSA-2024:10271)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:10271 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy:...
RHSA-2024:9945 Red Hat Security Advisory: haproxy security update
Bulletin has no description...
Malicious code in jigasi-haproxy-agent (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a84edbe7b5074454dc19154e38a0b4aaebad52cb446488862a52aa8e62db2b53 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
RHEL 8 : haproxy (RHSA-2024:9945)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9945 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: untrimm...