Fedora: Security Advisory (FEDORA-2024-39913e097a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : haproxy (2024-39913e097a)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-39913e097a advisory. Update to 2.9.10 CVE-2024-45506 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

RHEL 8 / 9 : OpenShift Container Platform 4.14.36 (RHSA-2024:6412)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6412 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

ROS-20240910-01

A vulnerability in the HAProxy server software is related to entering an infinite loop when given certain input data. of certain inputs. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service...

The vulnerability of the scanning function for web interface ports in the Roxy-WI server management solutions Haproxy, Nginx, Apache, and Keepalived allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the scanning function of the Roxy-WI web interface for Haproxy, Nginx, Apache, and Keepalived exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with root privileges by sendi...

The vulnerability of the server software HAProxy lies in its ability to enter an infinite loop when processing certain input data, allowing a hacker to cause a service failure.

The vulnerability of the server software HAProxy is related to its ability to enter an infinite loop when certain input data is provided. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2024-45506

A flaw was found in HAProxy. An issue in the HTTP/2 multiplexer combined with the zero-copy forwarding system allows remote attackers to trigger under very rare conditions an endless loop and cause a denial of service. Mitigation Disable the zero-copy forwarding system to mitigate this issue. Add...

AZL-48668 CVE-2024-45506 affecting package haproxy for versions less than 2.9.11-1

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

CVE-2024-45506 vulnerabilities

Vulnerabilities for packages: haproxy...

CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

CVE-2024-45506 vulnerabilities

Vulnerabilities for packages: haproxy...

CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service...

CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

DEBIAN-CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

UBUNTU-CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

SUSE CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

OPENSUSE-SU-2024:14307-1 haproxy-3.0.4+git0.7a59afa93-1.1 on GA media

These are all security issues fixed in the haproxy-3.0.4+git0.7a59afa93-1.1 package on the GA media of openSUSE Tumbleweed...

HAProxy 安全漏洞

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer and 7-layer proxies and can support tens of thousands of level connections with high efficiency and stability. A security vulnerability exists in HAProxy version 2.9.x up to and...

CVE-2024-45506

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding h2send loop under a certain set of conditions, as exploited in the wild in 2024...

CVE-2024-45506

CVE-2024-45506 affects HAProxy 2.9.x < 2.9.10, 3.0.x