HAProxy prior to 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
haproxy haproxy |