Lucene search
+L

193 matches found

cve
cve
added 2026/06/26 5:59 p.m.19 views

CVE-2026-47692

Envoy vulnerability CVE-2026-47692: PROXY Protocol v2 header generator can emit TLVs beyond the maximum 65535-byte length, causing a mismatch between bytes written and the length field and potentially smuggling bytes upstream. Affected versions: 1.34.0 through 1.35.13, 1.36.9, 1.37.5, and 1.38.3....

4.8CVSS5.8AI score0.00218EPSS
Exploits0References1Affected Software1
osv
osv
added 2026/06/26 5:59 p.m.3 views

CVE-2026-47692 Envoy: PROXY Protocol v2 header generator emits "skipped" TLVs, causing 65 KB attacker-controlled spillover into the upstream application stream

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY Protocol v2 header generator emits TLVs beyond the maximum length of 65535 bytes, causing a mismatch between bytes written and the length field in th...

4.8CVSS5.9AI score0.00218EPSS
Exploits0References3
euvd
euvd
added 2026/06/26 5:59 p.m.9 views

EUVD-2026-39827

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY Protocol v2 header generator emits TLVs beyond the maximum length of 65535 bytes, causing a mismatch between bytes written and the length field in th...

4.8CVSS5.8AI score0.00218EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.17 views

PT-2026-52885

Name of the Vulnerable Software and Affected Versions Envoy versions 1.34.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description The PROXY Protocol v2 header generator emits Type-Length-Values TLVs that exceed t...

4.8CVSS5.8AI score0.00218EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/22 1:3 p.m.8 views

CVE-2026-48772

A flaw was found in ProxySQL, a proxy for MySQL and its forks, as well as PostgreSQL. A remote attacker can exploit this vulnerability by sending a specially crafted PROXY protocol version 1 PP1 header with an 'UNKNOWN' protocol token. Despite the specification requiring these address fields to b...

10CVSS5.8AI score0.00185EPSS
Exploits0References2
nvd
nvd
added 2026/06/19 8:16 p.m.27 views

CVE-2026-48772

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the PROXY UNKNOWN \r\n PP1 frame as a well-formed PROXY protocol header. The HAProxy PROXY protocol v1 specification says that when the protocol token is UNKNOW...

10CVSS0.00185EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/19 7:28 p.m.5 views

CVE-2026-48772

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the PROXY UNKNOWN \r\n PP1 frame as a well-formed PROXY protocol header. The HAProxy PROXY protocol v1 specification says that when the protocol token is UNKNOW...

10CVSS5.8AI score0.00185EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/06/19 7:28 p.m.25 views

CVE-2026-48772 ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the PROXY UNKNOWN \r\n PP1 frame as a well-formed PROXY protocol header. The HAProxy PROXY protocol v1 specification says that when the protocol token is UNKNOW...

10CVSS0.00185EPSS
Exploits0References2
cve
cve
added 2026/06/19 7:28 p.m.40 views

CVE-2026-48772

ProxySQL (versions 2.0.0–3.0.8) is vulnerable to a PROXY protocol v1 UNKNOWN frame bypass. The frontend accepts the PROXY UNKNOWN header and, despite the spec requiring ignoring the address fields, ProxySQL parses them via sscanf and writes a spoofed source address into the session, feeding i...

10CVSS5.8AI score0.00185EPSS
Exploits0References2
osv
osv
added 2026/06/19 7:28 p.m.3 views

CVE-2026-48772 ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the PROXY UNKNOWN \r\n PP1 frame as a well-formed PROXY protocol header. The HAProxy PROXY protocol v1 specification says that when the protocol token is UNKNOW...

10CVSS7.1AI score0.00185EPSS
Exploits0References4
redhat
redhat
added 2026/06/17 11:5 p.m.15 views

netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers

A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2TYPESSL type-length-value TLV records. This can lead to a memory leak, causing the underlying cumulation...

8.7CVSS5.6AI score0.00606EPSS
Exploits0References7
redhat
redhat
added 2026/06/17 11:5 p.m.25 views

Important: Red Hat Security Advisory: Red Hat build of Apache Camel 4.18 for Quarkus 3.33 security update

A security update for Red Hat build of Apache Camel 4.18 for Quarkus 3.33 is now available. This text-only errata provides information about enhancements that improve your developer experience and ensure the security and stability of your applications. Red Hat Product Security has rated this upda...

10CVSS5.4AI score0.00665EPSS
Exploits1References23
redhat
redhat
added 2026/06/17 4:18 p.m.23 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.27.4.SP1 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

10CVSS5.5AI score0.00606EPSS
Exploits2References6
redhat
redhat
added 2026/06/17 3:45 p.m.10 views

netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers

A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2TYPESSL type-length-value TLV records. This can lead to a memory leak, causing the underlying cumulation...

8.7CVSS5.6AI score0.00606EPSS
Exploits0References7
redhat
redhat
added 2026/06/17 3:45 p.m.19 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.33.2.SP1 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

10CVSS5.5AI score0.00606EPSS
Exploits2References5
susecve
susecve
added 2026/06/16 2:19 a.m.10 views

SUSE CVE-2026-48059

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

7.5CVSS5.5AI score0.00606EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/13 2:34 a.m.14 views

CVE-2026-48059

A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2TYPESSL type-length-value TLV records. This can lead to a memory leak, causing the underlying cumulation...

8.7CVSS5.1AI score0.00606EPSS
Exploits0References6
nvd
nvd
added 2026/06/12 4:16 p.m.14 views

CVE-2026-48059

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

8.7CVSS0.00606EPSS
Exploits0References12
osv
osv
added 2026/06/12 4:16 p.m.8 views

UBUNTU-CVE-2026-48059

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

8.7CVSS5.5AI score0.00606EPSS
Exploits0References5
nvd
nvd
added 2026/06/12 3:16 p.m.12 views

CVE-2026-44893

Netty is a network application framework for development of protocol servers and clients. In netty-codec-haproxy prior to versions 4.1.135.Final and 4.2.15.Final, when decoding a PP2TYPESSL TLV, HAProxyMessage.readNextTLV first calls header.retainedSliceheader.readerIndex, length and only then...

7.5CVSS0.00594EPSS
Exploits0References12
Rows per page
Query Builder