Описание
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.5.14-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1.4.24-2]] |
| precise | not-affected | 1.4.18-0ubuntu1.2 |
| trusty | not-affected | 1.4.24-2 |
| trusty/esm | DNE | trusty was not-affected [1.4.24-2] |
| upstream | released | 1.5.14-1 |
| utopic | released | 1.5.4-1ubuntu2.1 |
| vivid | released | 1.5.10-1ubuntu0.1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1. ...
The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request.
EPSS
5 Medium
CVSS2