Описание
HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.
A flaw was found in HAProxy versions 2.0.0 through 2.0.2 and 1.9.0 through 1.9.8. An attacker can cause a denial of service via vectors related to htx_manage_client_side_cookies in proto_htx.c. The highest threat from this vulnerability is to system availability.
Отчет
Red Hat Enterprise Linux, Red Hat Software Collections, and Red Hat OpenStack Platform did not package these versions and are therefore not vulnerable to this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | haproxy | Not affected | ||
| Red Hat Enterprise Linux 7 | haproxy | Not affected | ||
| Red Hat Enterprise Linux 8 | haproxy | Not affected | ||
| Red Hat OpenShift Container Platform 3.10 | haproxy | Not affected | ||
| Red Hat OpenShift Container Platform 3.11 | haproxy | Not affected | ||
| Red Hat OpenShift Container Platform 3.9 | haproxy | Not affected | ||
| Red Hat OpenShift Container Platform 4 | haproxy | Not affected | ||
| Red Hat OpenStack Platform 13 (Queens) | rhosp13/openstack-haproxy | Not affected | ||
| Red Hat OpenStack Platform 14 (Rocky) | openstack-haproxy-container | Not affected | ||
| Red Hat Software Collections | rh-haproxy18-haproxy | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.
HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.
HAProxy through 2.0.2 allows attackers to cause a denial of service (h ...
EPSS
7.5 High
CVSS3