CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1990 matches found

OSV•added 2024/10/14 4:15 a.m.•1 views

DEBIAN-CVE-2024-49214

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS5.6AI score0.00105EPSS

Exploits0References1

NVD•added 2024/10/14 4:15 a.m.•12 views

CVE-2024-49214

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS0.00105EPSS

Exploits0References7

OSV•added 2024/10/14 4:15 a.m.•48 views

CVE-2024-49214

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS6.8AI score

Exploits0References7

OSV•added 2024/10/14 4:15 a.m.•2 views

AZL-50333 CVE-2024-49214 affecting package haproxy for versions less than 2.4.24-1

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS5.8AI score0.00105EPSS

Exploits0References1

UbuntuCve•added 2024/10/14 4:15 a.m.•13 views

CVE-2024-49214

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS6.1AI score0.00105EPSS

Exploits0References7

OSV•added 2024/10/14 4:15 a.m.•1 views

UBUNTU-CVE-2024-49214

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS5.8AI score0.00105EPSS

Exploits0References8

Cvelist•added 2024/10/14 12:0 a.m.•21 views

CVE-2024-49214

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS0.00105EPSS

Exploits0References7

Tenable Nessus•added 2024/10/14 12:0 a.m.•35 views

Ubuntu 18.04 LTS : HAProxy vulnerability (USN-7067-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7067-1 advisory. It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to...

7.5CVSS7.3AI score0.94395EPSS

Exploits19References2

CNNVD•added 2024/10/14 12:0 a.m.•2 views

HAProxy 安全漏洞

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides Layer 4 and Layer 7 proxies and can support tens of thousands of connection levels with high efficiency and stability. A security vulnerability exists in HAProxy that stems from the use o...

5.3CVSS5.3AI score0.00105EPSS

Exploits0References9

Debian CVE•added 2024/10/14 12:0 a.m.•13 views

CVE-2024-49214

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS5.6AI score0.00105EPSS

Exploits0

Vulnrichment•added 2024/10/14 12:0 a.m.•14 views

CVE-2024-49214

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality...

5.3CVSS6.8AI score0.00105EPSS

Exploits0References7

CVE•added 2024/10/14 12:0 a.m.•788 views

CVE-2024-49214

The CVE-2024-49214 issue affects HAProxy QUIC handling. Affected: HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11. Root cause: insufficient validation enables opening a 0-RTT session with a spoofed IP, bypassing IP allow/block lists. Impact: potential unauthorized acces...

5.3CVSS5.4AI score0.00105EPSS

Exploits0References7

Positive Technologies•added 2024/10/13 12:0 a.m.•2 views

PT-2024-7691 · Haproxy +2 · Haproxy +2

Name of the Vulnerable Software and Affected Versions: HAProxy versions 2.9.x through 2.9.10 HAProxy versions 3.0.x through 3.0.4 HAProxy versions 3.1.x through 3.1-dev6 Description: The issue allows an attacker to open a 0-RTT session with a spoofed IP address, bypassing the IP allow/block list...

5.3CVSS7AI score0.00105EPSS

Exploits0References26

Tenable Nessus•added 2024/09/24 12:0 a.m.•15 views

EulerOS 2.0 SP8 : haproxy (EulerOS-SA-2024-2472)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified...

8.2CVSS6.9AI score0.00027EPSS

Exploits0References2

OpenVAS•added 2024/09/23 12:0 a.m.•11 views

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2024-2472)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.3AI score0.00027EPSS

Exploits0References2

OSV•added 2024/09/16 5:37 p.m.•13 views

RHSA-2024:1142 Red Hat Security Advisory: haproxy security update

Bulletin has no description...

7.5CVSS6.8AI score0.00091EPSS

Exploits1References11

OSV•added 2024/09/16 5:36 p.m.•11 views

RHSA-2024:1089 Red Hat Security Advisory: haproxy security update

Bulletin has no description...

7.5CVSS6.8AI score0.00091EPSS

Exploits1References11