Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-39242

Опубликовано: 17 авг. 2021
Источник: ubuntu
Приоритет: medium
CVSS2: 5
CVSS3: 7.5

Описание

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

released

2.2.9-2ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
hirsute

released

2.2.9-1ubuntu0.1
impish

released

2.2.9-2ubuntu1
jammy

released

2.2.9-2ubuntu1

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-39242

CVSS3: 7.5
redhat
больше 4 лет назад

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.

nvd логотип

CVE-2021-39242

CVSS3: 7.5
nvd
больше 4 лет назад

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.

debian логотип

CVE-2021-39242

CVSS3: 7.5
debian
больше 4 лет назад

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.1 ...

github логотип

GHSA-gh3m-9h22-r3r5

github
больше 3 лет назад

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.

fstec логотип

BDU:2022-06897

CVSS3: 7.5
fstec
больше 4 лет назад

Уязвимость серверного программного обеспечения HAProxy, связанная с недостатками в обработке исключительных состояний, позволяющая нарушителю оказать воздействие на целостность данных

5 Medium

CVSS2

7.5 High

CVSS3