Important Photon OS Security Update - PHSA-2023-5.0-0167

Updates of 'haproxy', 'gstreamer' packages of Photon OS have been released...

Updated vim packages fix security vulnerabilities

The updated packages fix security vulnerabilities When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. CVE-2023-48231 A floating point exception may occur when calculating the line offset for...

SUSE SLES15 Security Update : haproxy (SUSE-SU-2023:4645-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2023:4645-1 advisory. - HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified oth...

SUSE-SU-2023:4647-1 Security update for haproxy

This update for haproxy fixes the following issues: - CVE-2023-45539: Fixed misinterpretation of a pathend rule with as part of the URI component bsc1217653...

SUSE-SU-2023:4646-1 Security update for haproxy

This update for haproxy fixes the following issues: - CVE-2023-45539: Fixed misinterpretation of a pathend rule with as part of the URI component bsc1217653. - CVE-2023-40225: reject any empty content-length header value bsc1214102...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.13.25 packages and security update

Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

haproxy: Proxy forwards malformed empty Content-Length headers

A flaw was found in HAProxy. Empty Content-Length headers are forwarded, which could cause an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases...

Ubuntu: Security Advisory (USN-6530-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:4645-1 Security update for haproxy

This update for haproxy fixes the following issues: - CVE-2023-45539: Fixed misinterpretation of a pathend rule with as part of the URI component bsc1217653...

CVE-2023-45539

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

USN-6530-1 haproxy vulnerability

It was discovered that HAProxy incorrectly handled URI components containing the hash character . A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain pathend rules...

USN-6530-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled URI components containing the hash character . A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain pathend rules...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : HAProxy vulnerability (USN-6530-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6530-1 advisory. It was discovered that HAProxy incorrectly handled URI components containing the hash character . A remote attacker could possibly use this...

CVE-2023-45539

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

UBUNTU-CVE-2023-45539

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

SUSE CVE-2023-45539

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

Information Disclosure

haproxy is vulnerable to Information Disclosure. The vulnerability exists in the URI component, potentially allowing an attacker to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule. This could include scenarios like routing index.html.png to a...

haproxy: Proxy forwards malformed empty Content-Length headers

A flaw was found in HAProxy. Empty Content-Length headers are forwarded, which could cause an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases...

CVE-2023-45539

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...

CVE-2023-45539

HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...