CVE-2024-49214

Опубликовано: 14 окт. 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality.

Ссылки

EPSS

Процентиль: 34%

0.00137

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-290

Связанные уязвимости

CVE-2024-49214

CVSS3: 5.3

ubuntu

около 1 года назад

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality.

CVE-2024-49214

CVSS3: 5.3

redhat

больше 1 года назад

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality.

CVE-2024-49214

CVSS3: 5.3

msrc

3 месяца назад

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality.

CVE-2024-49214

CVSS3: 5.3

debian

около 1 года назад

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x b ...

GHSA-8jgf-8r3g-hxh8

CVSS3: 5.3

github

около 1 года назад

QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality.

EPSS

Процентиль: 34%

0.00137

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-290