17 matches found
CVE-2026-45924
CVE-2026-45924 affects the Linux kernel’s ksmbd integration. The flaw involves missing calls to ksmbd_vfs_kern_path_end_removing() on some error paths, needed to balance the successful ksmbd_vfs_kern_path_start_removing() calls. This can leave locks unbalanced and potentially cause deadlocks (per...
Astra Linux - уязвимость в haproxy
Before version 2.8.2, HAProxy allowed to be part of the URI component. This could allow remote attackers to obtain sensitive information or cause unspecified other issues due to misinterpretation of the pathend rule, such as routing index.html.png to a static server...
CLSA-2026-1776342757 haproxy: Fix of CVE-2023-45539
CVE-2023-45539: reject '' as part of the URI to prevent ACL bypass via pathend rules...
EUVD-2026-16322
path-to-regexp vulnerable to Regular Expression Denial of Service via multiple wildcards...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
USN-6530-2 haproxy vulnerability
Seth Manesse and Paul Plasil discovered that HAProxy incorrectly handled URI components containing the hash character . A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain pathend rules...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
USN-6530-1: HAProxy vulnerability
It was discovered that HAProxy incorrectly handled URI components containing the hash character . A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain pathend rules...
UBUNTU-CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
DEBIAN-CVE-2023-45539
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
AZL-32061 CVE-2023-45539 affecting package haproxy for versions less than 2.4.24-1
HAProxy before 2.8.2 accepts as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a pathend rule, such as routing index.html.png to a static server...
HAProxy Security Vulnerabilities
HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer and 7-layer proxies and can support tens of thousands of levels of connections with high efficiency and stability. A security vulnerability exists in HAProxy versions prior to...