Описание
Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.
A flaw was found in haproxy. A stemming from an inefficient algorithmic complexity issue within its bundled mjson parsing library. This vulnerability is triggered when haproxy is configured to analyze JSON content, such as with the json_query or jwt_payload_query function
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 5 | haproxy | Affected | ||
| Red Hat Enterprise Linux 7 | haproxy | Affected | ||
| Red Hat Enterprise Linux 8 | haproxy | Not affected | ||
| Red Hat OpenShift Container Platform 4 | haproxy | Not affected | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-haproxy-router | Affected | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-haproxy-router-rhel9 | Not affected | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-hypershift-rhel8 | Affected | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-hypershift-rhel9 | Affected | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-tests | Affected | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-tests-rhel9 | Affected |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.
Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.
Inefficient algorithm complexity in mjson in HAProxy allows remote att ...
7.5 High
CVSS3