haproxy haproxy - vulnerabilities and exploits
5.9
CVSSv3
CVE-2019-11323
HAProxy prior to 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error.
Haproxy Haproxy
7.5
CVSSv3
CVE-2018-20615
An out-of-bounds read issue exists in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x up to and including 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame le...
Haproxy Haproxy
Haproxy Haproxy 1.9.0
Opensuse Leap 15.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux 7.4
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 7.5
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 7.6
6.1
CVSSv3
CVE-2019-8953
The HAProxy package prior to 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php.
Netgate Haproxy
1 EDB exploit
7.5
CVSSv3
CVE-2018-20102
An out-of-bounds read in dns_validate_dns_response in dns.c exists in HAProxy up to and including 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able to read the 16 bytes corresponding to an AAAA record from the non-initialized part of the bu...
Haproxy Haproxy
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Openshift Container Platform 3.11
7.5
CVSSv3
CVE-2018-20103
An issue exists in dns.c in HAProxy up to and including 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.
Haproxy Haproxy
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Openshift Container Platform 3.11
5.9
CVSSv3
CVE-2018-11469
Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 up to and including 1.8.9 (if cache enabled) allows malicious users to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for...
Haproxy Haproxy
Canonical Ubuntu Linux 18.04
5.3
CVSSv3
CVE-2016-2102
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.
Haproxy Haproxy -
7.5
CVSSv3
CVE-2016-5360
HAProxy 1.6.x prior to 1.6.6, when a deny comes from a reqdeny rule, allows remote malicious users to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.
Canonical Ubuntu Linux 16.04
Haproxy Haproxy 1.6.5
Haproxy Haproxy 1.6.0
Haproxy Haproxy 1.6.3
Haproxy Haproxy 1.6.2
Haproxy Haproxy 1.6.1
Haproxy Haproxy 1.6.4
NA
CVE-2014-6269
Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 prior to 1.5.4 allow remote malicious users to cause a denial of service (crash) via a large stream of data, which triggers a buffer overflow and an out-of-bounds read.
Haproxy Haproxy 1.5.0
Haproxy Haproxy 1.5.1
Haproxy Haproxy 1.5
Haproxy Haproxy 1.5.2
Haproxy Haproxy 1.5.3
NA
CVE-2013-2175
HAProxy 1.4 prior to 1.4.24 and 1.5 prior to 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote malicious users to cause a denial of service (negative array index usage and crash) via an HTTP header with a...
Debian Debian Linux 6.0
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.04
Redhat Enterprise Linux Load Balancer 6.4
Redhat Enterprise Linux Load Balancer 6.0
Haproxy Haproxy 1.4.6
Haproxy Haproxy 1.4.8
Haproxy Haproxy 1.4.15
Haproxy Haproxy 1.4.17
Haproxy Haproxy 1.4
Haproxy Haproxy 1.4.22
Haproxy Haproxy 1.4.9
Haproxy Haproxy 1.4.10
Haproxy Haproxy 1.4.11
Haproxy Haproxy 1.4.12
Haproxy Haproxy 1.4.13
Haproxy Haproxy 1.4.1
Haproxy Haproxy 1.4.2
Haproxy Haproxy 1.4.3
Haproxy Haproxy 1.4.4
Haproxy Haproxy 1.4.18