1989 matches found
ALSA-2024:8849 Moderate: haproxy security update
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539 For more details about the security issues, including th...
RHEL 7 : rh-haproxy18-haproxy (RHSA-2018:2882)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2882 advisory. HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Security Fixes: haproxy: Out-of-bounds read in...
RHEL 8 : haproxy (RHSA-2024:8849)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:8849 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: untrimm...
RHEL 7 : rh-haproxy18-haproxy (RHSA-2019:0275)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0275 advisory. HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Security Fixes: haproxy: Mishandling of priority...
haproxy security update
1.8.27-5.1 - Reject '' as part of URI path component CVE-2023-45539, RHEL-18168...
ROS-20241023-01
A vulnerability in the HAProxy server software is related to the opening of a 0-RTT session with a spoofed IP address. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the functionality of the allowed/blocked IP address list...
BIT-HAPROXY-2024-49214
QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...
OESA-2024-2273 haproxy security update
HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: QUIC in HAProxy...
haproxy-3.0.5+git0.8e879a52e-2.1 on GA media (moderate)
haproxy-3.0.5+git0.8e879a52e-2.1 on GA media Announcement ID: openSUSE-SU-2024:14402-1 Rating: moderate Cross-References: CVE-2024-49214 CVSS scores: CVE-2024-49214 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerabili...
CVE-2024-45506 affecting package haproxy for versions less than 2.9.11-1
CVE-2024-45506 affecting package haproxy for versions less than 2.9.11-1. An upgraded version of the package is available that resolves this issue...
HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024.
...
SUSE CVE-2024-49214
QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...
Ubuntu: Security Advisory (USN-7067-1)
The remote host is missing an update for the...
OPENSUSE-SU-2024:14402-1 haproxy-3.0.5+git0.8e879a52e-2.1 on GA media
These are all security issues fixed in the haproxy-3.0.5+git0.8e879a52e-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2024-49214
A flaw was found in HAProxy's QUIC listener. This vulnerability can allow an attacker to bypass the IP allow/block list via a spoofed IP address in a 0-RTT session. The attacker could exploit this by obtaining a TLS session ticket using their real IP, then initiating a 0-RTT session with a spoofe...
USN-7067-1: HAProxy vulnerability
It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to consume excessive resources, leading to a denial of service...
USN-7067-1 haproxy vulnerability
It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to consume excessive resources, leading to a denial of service...
CVE-2024-49214 vulnerabilities
Vulnerabilities for packages: haproxy...
CVE-2024-49214
QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...