1990 matches found
CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
DEBIAN-CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
AZL-32061 CVE-2023-45539 affecting package haproxy for versions less than 2.4.24-1
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
Code injection
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
HAProxy Security Vulnerabilities
HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer and 7-layer proxies and can support tens of thousands of levels of connections with high efficiency and stability. A security vulnerability exists in HAProxy versions prior to...
CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
CVE-2023-45539
CVE-2023-45539 affects HAProxy prior to 2.8.2, where a URI component could include a ‘#’ character. This can cause misinterpretation of path_end rules and may lead to information disclosure or other impact (e.g., routing index.html#.png to a static server) as described in multiple advisories. Aff...
CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
PT-2023-8863
Name of the Vulnerable Software and Affected Versions HAProxy versions prior to 2.8.2 Description The issue is related to HAProxy accepting as part of the URI component. This could allow remote attackers to obtain sensitive information or have other unspecified impacts due to the misinterpretatio...
Mageia: Security Advisory (MGASA-2023-0320)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0320 Updated haproxy packages fix security vulnerability
Haproxy has fixed security and other issues in last upstream version 2.8.3 of branch 2.8 Default user access are now commented out to prevent local action possible exploit and prevent further rpmnew on future updates. Use a check script to have config check result in error log on failure. Fix...
Updated haproxy packages fix security vulnerability
Haproxy has fixed security and other issues in last upstream version 2.8.3 of branch 2.8 Default user access are now commented out to prevent local action possible exploit and prevent further rpmnew on future updates. Use a check script to have config check result in error log on failure. Fix...
Oracle Linux 9 : haproxy (ELSA-2023-6496)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-6496 advisory. 2.4.22-1 - Update to 2.4.22 2196530 2.4.17-7 - Fix uninitizalized resevered bytes CVE-2023-0836, 2180861 Tenable has extracted the preceding description block...
The vulnerability of the server software HAProxy, related to deficiencies in HTTP request processing, allows attackers to compromise data integrity.
The vulnerability of the server software HAProxy is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to compromise data integrity from a remote location...
haproxy security and bug fix update
2.4.22-1 - Update to 2.4.22 2196530 2.4.17-7 - Fix uninitizalized resevered bytes CVE-2023-0836, 2180861...
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2023-3180)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2023-3215)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
haproxy: data leak via fcgi requests
A flaw was found in HAProxy, which could allow a remote attacker to obtain sensitive information caused by improper initialization when encoding the FCGIBEGINREQUEST record. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and us...