Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
haproxy haproxy vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2014-6269
Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 prior to 1.5.4 allow remote malicious users to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out-of-bounds read.
Haproxy Haproxy 1.5.0
Haproxy Haproxy 1.5.1
Haproxy Haproxy 1.5
Haproxy Haproxy 1.5.2
Haproxy Haproxy 1.5.3
445
VMScore
CVE-2013-2175
HAProxy 1.4 prior to 1.4.24 and 1.5 prior to 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote malicious users to cause a denial of service (negative array index usage and crash) via an HTTP header with a...
Debian Debian Linux 6.0
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux Load Balancer 6.4
Redhat Enterprise Linux Load Balancer 6.0
Haproxy Haproxy 1.4.18
Haproxy Haproxy 1.4.5
Haproxy Haproxy 1.4.11
Haproxy Haproxy 1.4.10
Haproxy Haproxy 1.4.1
Haproxy Haproxy 1.4.7
Haproxy Haproxy 1.4.21
Haproxy Haproxy 1.4.4
Haproxy Haproxy 1.4.19
Haproxy Haproxy 1.4
Haproxy Haproxy 1.4.2
Haproxy Haproxy 1.4.20
Haproxy Haproxy 1.4.13
Haproxy Haproxy 1.4.23
Haproxy Haproxy 1.4.16
Haproxy Haproxy 1.4.8
435
VMScore
CVE-2019-8953
The HAProxy package prior to 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php.
Netgate Haproxy
1 EDB exploit
384
VMScore
CVE-2019-18277
A flaw was found in HAProxy prior to 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be us...
Haproxy Haproxy
2 Github repositories
383
VMScore
CVE-2019-11323
HAProxy prior to 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error.
Haproxy Haproxy
383
VMScore
CVE-2018-11469
Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 up to and including 1.8.9 (if cache enabled) allows malicious users to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for...
Haproxy Haproxy
Canonical Ubuntu Linux 18.04
187
VMScore
CVE-2013-0163
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
Redhat Openshift 1.0
Redhat Openshift 2.0
NA
CVE-2024-28101
The Apollo Router is a graph router written in Rust to run a federated supergraph that uses Apollo Federation. Versions 0.9.5 until 1.40.2 are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Router evaluat...
NA
CVE-2023-45539
HAProxy prior to 2.8.2 accepts # as part of the URI component, which might allow remote malicious users to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
Haproxy Haproxy
NA
CVE-2023-40225
HAProxy up to and including 2.0.32, 2.1.x and 2.2.x up to and including 2.2.30, 2.3.x and 2.4.x up to and including 2.4.23, 2.5.x and 2.6.x prior to 2.6.15, 2.7.x prior to 2.7.10, and 2.8.x prior to 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In u...
Haproxy Haproxy
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »