Vulmon
haproxy haproxy - vulnerabilities and exploits
5
CVSSv2
CVE-2014-6269
Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 prior to 1.5.4 allow remote malicious users to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out-of-bounds read.
Haproxy Haproxy 1.5.0
Haproxy Haproxy 1.5.1
Haproxy Haproxy 1.5
Haproxy Haproxy 1.5.2
Haproxy Haproxy 1.5.3
5
CVSSv2
CVE-2013-2175
HAProxy 1.4 prior to 1.4.24 and 1.5 prior to 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote malicious users to cause a denial of service (negative array index usage and crash) via an HTTP header with a...
Debian Debian Linux 6.0
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.04
Redhat Enterprise Linux Load Balancer 6.4
Redhat Enterprise Linux Load Balancer 6.0
Haproxy Haproxy 1.4.6
Haproxy Haproxy 1.4.8
Haproxy Haproxy 1.4.15
Haproxy Haproxy 1.4.17
Haproxy Haproxy 1.4
Haproxy Haproxy 1.4.22
Haproxy Haproxy 1.4.9
Haproxy Haproxy 1.4.10
Haproxy Haproxy 1.4.11
Haproxy Haproxy 1.4.12
Haproxy Haproxy 1.4.13
Haproxy Haproxy 1.4.1
Haproxy Haproxy 1.4.2
Haproxy Haproxy 1.4.3
Haproxy Haproxy 1.4.4
Haproxy Haproxy 1.4.18
4.3
CVSSv2
CVE-2019-18277
A flaw was found in HAProxy prior to 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be us...
Haproxy Haproxy
2 Github repositories
4.3
CVSSv2
CVE-2019-11323
HAProxy prior to 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error.
Haproxy Haproxy
4.3
CVSSv2
CVE-2019-8953
The HAProxy package prior to 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php.
Netgate Haproxy
1 EDB exploit
4.3
CVSSv2
CVE-2018-11469
Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 up to and including 1.8.9 (if cache enabled) allows malicious users to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for...
Haproxy Haproxy
Canonical Ubuntu Linux 18.04
2.1
CVSSv2
CVE-2013-0163
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
Redhat Openshift 1.0
Redhat Openshift 2.0
NA
CVE-2024-28101
The Apollo Router is a graph router written in Rust to run a federated supergraph that uses Apollo Federation. Versions 0.9.5 until 1.40.2 are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Router evaluat...
NA
CVE-2023-45539
HAProxy prior to 2.8.2 accepts # as part of the URI component, which might allow remote malicious users to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
Haproxy Haproxy
NA
CVE-2023-40225
HAProxy up to and including 2.0.32, 2.1.x and 2.2.x up to and including 2.2.30, 2.3.x and 2.4.x up to and including 2.4.23, 2.5.x and 2.6.x prior to 2.6.15, 2.7.x prior to 2.7.10, and 2.8.x prior to 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In u...
Haproxy Haproxy
1 Github repository