Photon OS 2.0: Haproxy PHSA-2020-2.0-0227

An update of the haproxy package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0227. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Haproxy PHSA-2022-4.0-0263

An update of the haproxy package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0263. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Haproxy PHSA-2023-4.0-0373

An update of the haproxy package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0373. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Haproxy PHSA-2019-3.0-0010

An update of the haproxy package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0010. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Haproxy PHSA-2023-5.0-0009

An update of the haproxy package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0009. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Ubuntu 16.04 LTS / 18.04 LTS : HAProxy vulnerability (USN-6530-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6530-2 advisory. Seth Manesse and Paul Plasil discovered that HAProxy incorrectly handled URI components containing the hash character . A remote attacker could possib...

Photon OS 4.0: Haproxy PHSA-2023-4.0-0350

An update of the haproxy package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0350. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EulerOS 2.0 SP8 : haproxy (EulerOS-SA-2024-2034)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified...

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2024-2034)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:2377-1 Security update for haproxy

This update for haproxy fixes the following issues: - CVE-2023-45539: Fixed misinterpretation of a pathend rule with as part of the URI component bsc1217653...

CVE-2024-37082

When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...

CVE-2024-37082

CVE-2024-37082 affects Cloud Foundry when deployed with the haproxy-boshrelease and non-default configuration, allowing HTTP requests to bypass mTLS against CF applications if route-services are enabled and ha_proxy.forwarded_client_cert is set to forward_only_if_route_service. Affected setup: Ro...

CVE-2024-37082

When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...

CVE-2024-37082

When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...

MAL-2024-6898 Malicious code in fluent-plugin-haproxy-stats (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in fluent-plugin-haproxy-stats (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

CVE-2024-37082 - mTLS bypass | Cloud Foundry

Severity CRITICAL Vendor CloudFoundry Foundation Versions Affected Routing Release 10.6.0 Description When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud...

OPENSUSE-SU-2024:13116-1 haproxy-2.8.2+git0.61a0f576a-2.1 on GA media

These are all security issues fixed in the haproxy-2.8.2+git0.61a0f576a-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10839-1 haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media

These are all security issues fixed in the haproxy-2.4.4+git0.acb1d0bea-1.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:12686-1 haproxy-2.7.3+git0.1065b1000-1.1 on GA media

These are all security issues fixed in the haproxy-2.7.3+git0.1065b1000-1.1 package on the GA media of openSUSE Tumbleweed...