HAProxy 2.0.31

CPE Details

HAProxy 2.0.31
haproxy
haproxy
2.0.31
2023-02-23
12h22 +00:00
2023-02-23
18h25 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:haproxy:haproxy:2.0.31:*:*:*:*:*:*:*

Informations

Vendor

haproxy

Product

haproxy

Version

2.0.31

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-45539 2023-11-27 23h00 +00:00 HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
8.2
Haute
CVE-2023-40225 2023-08-09 22h00 +00:00 HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.
7.2
Haute
CVE-2020-11100 2020-04-02 12h23 +00:00 In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
8.8
Haute