CVSS: 6.8EPSS: 0%CPEs: 29EXPL: 0CVE-2023-0056 – haproxy: segfault DoS
https://notcve.org/view.php?id=CVE-2023-0056
24 Jan 2023 — An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Pla... • https://access.redhat.com/security/cve/CVE-2023-0056 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 72%CPEs: 8EXPL: 0CVE-2022-0711 – haproxy: Denial of service via set-cookie2 header
https://notcve.org/view.php?id=CVE-2022-0711
02 Mar 2022 — A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability. Se ha encontrado un fallo en la forma en que HAProxy procesa las respuestas HTTP que contienen el encabezado "Set-Cookie2". Este fallo podría permitir a un atacante enviar paquetes de respuesta H... • https://access.redhat.com/security/cve/cve-2022-0711 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 94%CPEs: 14EXPL: 6CVE-2021-40346 – haproxy: request smuggling attack or response splitting via duplicate content-length header
https://notcve.org/view.php?id=CVE-2021-40346
07 Sep 2021 — An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. Se presenta un desbordamiento de enteros en HAProxy versiones 2.0 a 2.5, en la función htx_add_header() que puede ser explotada para llevar a cabo un ataque de contrabando de peticiones HTTP, permitiendo a un atacante omitir todas las ACLs configuradas de HAProxy de peticione... • https://github.com/knqyf263/CVE-2021-40346 • CWE-190: Integer Overflow or Wraparound CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-39240 – haproxy: does not ensure that the scheme and path portions of a URI have the expected characters
https://notcve.org/view.php?id=CVE-2021-39240
17 Aug 2021 — An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve. Se ha detectado un problema en HAProxy versiones 2.2 anteriores a 2.2.16, versiones 2.3 anteriores a 2.3.13 y versiones 2.4 anteriores a 2.4.3. No se asegura que las porciones de esquem... • https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=4b8852c70d8c4b7e225e24eb58258a15eb54c26e • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-39241 – haproxy: an HTTP method name may contain a space followed by the name of a protected resource
https://notcve.org/view.php?id=CVE-2021-39241
17 Aug 2021 — An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource. It is possible that a server would interpret this as a request for that protected resource, such as in the "GET /admin? HTTP/1.1 /static/images HTTP/1.1" example. Se ha detectado un problema en HAProxy versiones 2.0 anteriores a 2.0.24, versiones 2.2 anteriores a 2.2.16, versiones 2.3 anteriores a 2.3.13 y vers... • https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=89265224d314a056d77d974284802c1b8a0dc97f • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-39242 – haproxy: it can lead to a situation with an attacker-controlled HTTP Host header because a mismatch between Host and authority is mishandled
https://notcve.org/view.php?id=CVE-2021-39242
17 Aug 2021 — An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled. Se ha detectado un problema en HAProxy versiones 2.2 anteriores a 2.2.16, versiones 2.3 anteriores a 2.3.13 y versiones 2.4 anteriores a 2.4.3. Puede conllevar a una situación con un encabezado HTTP Host controlada por un atacante, porque es manejado inapropiadamente un desajuste en... • https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=b5d2b9e154d78e4075db163826c5e0f6d31b2ab1 • CWE-20: Improper Input Validation CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 91%CPEs: 9EXPL: 1CVE-2020-11100 – haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes
https://notcve.org/view.php?id=CVE-2020-11100
02 Apr 2020 — In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution. En la función hpack_dht_insert en el archivo hpack-tbl.c en el decodificador HPACK en HAProxy versiones 1.8 hasta 2.x anteriores a 2.1.4, un atacante remoto puede escribir bytes arbitrarios alrededor de una determinada ubicación en la pila (heap) por medio de una... • https://packetstorm.news/files/id/157323 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2019-19330 – haproxy: HTTP/2 implementation vulnerable to intermediary encapsulation attacks
https://notcve.org/view.php?id=CVE-2019-19330
27 Nov 2019 — The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks. La implementación de HTTP/2 en HAProxy versiones anteriores a la versión 2.0.10, maneja inapropiadamente los encabezados, como es demostrado por el retorno de carro (CR, ASCII 0xd), salto de línea (LF, ASCII 0xa) y el carácter cero (NUL, ASCII 0x0), también se conoce como Ataques ... • https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=ac198b92d461515551b95daae20954b3053ce87e • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 1CVE-2019-18277 – haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value
https://notcve.org/view.php?id=CVE-2019-18277
23 Oct 2019 — A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specificati... • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00016.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14243
https://notcve.org/view.php?id=CVE-2019-14243
23 Jul 2019 — headerv2.go in mastercactapus proxyprotocol before 0.0.2, as used in the mastercactapus caddy-proxyprotocol plugin through 0.0.2 for Caddy, allows remote attackers to cause a denial of service (webserver panic and daemon crash) via a crafted HAProxy PROXY v2 request with truncated source/destination address data. headerv2.go en mastercactapus proxyprotocol anterior a versión 0.0.2, tal como es usado en el plugin caddy-proxyprotocol de mastercactapus hasta versión 0.0.2 para Caddy, permite a los atacantes re... • https://caddy.community/t/dos-in-http-proxyprotocol-plugin/6014 • CWE-20: Improper Input Validation •