Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

21 – 30 of 32 results


CVE-2018-20103

Medium priority
Fixed

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Not affected
Show less packages

CVE-2018-20102

Medium priority
Fixed

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Fixed
Show less packages

CVE-2018-14645

Medium priority
Fixed

A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Not affected
Show less packages

CVE-2018-11469

Medium priority
Fixed

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Not affected
Show less packages

CVE-2018-10184

Medium priority
Not affected

An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting instead of being checked against the bufsize. The max_frame_size only applies to outgoing traffic and not...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Not affected Not affected
Show less packages

CVE-2016-5360

Medium priority
Fixed

HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors.

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed
Show less packages

CVE-2016-3711

Low priority
Not affected

HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie.

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Not affected
Show less packages

CVE-2015-3281

Medium priority
Fixed

The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy
Show less packages

CVE-2014-6269

Medium priority
Not affected

Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream of data, which triggers a buffer...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy
Show less packages

CVE-2013-2175

Medium priority

Some fixes available 3 of 4

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy
Show less packages