Known Vulnerabilities for Haproxy by Haproxy
Listed below are 10 of the newest known vulnerabilities associated with "Haproxy" by "Haproxy".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-40346 | An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smug... | 7.5 - HIGH | 2021-09-08 | 2023-11-07 |
| CVE-2021-39242 | An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation wit... | 7.5 - HIGH | 2021-08-17 | 2023-11-07 |
| CVE-2021-39241 | An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP met... | 5.3 - MEDIUM | 2021-08-17 | 2023-11-07 |
| CVE-2021-39240 | An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the sc... | 7.5 - HIGH | 2021-08-17 | 2023-11-07 |
| CVE-2020-11100 | In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write ... | 8.8 - HIGH | 2020-04-02 | 2023-11-07 |
| CVE-2019-19330 | The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), li... | 9.8 - CRITICAL | 2019-11-27 | 2023-11-07 |
| CVE-2019-18277 | A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked"... | 7.5 - HIGH | 2019-10-23 | 2023-11-07 |
| CVE-2019-14241 | HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_... | 7.5 - HIGH | 2019-07-23 | 2020-08-24 |
| CVE-2019-11323 | HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC k... | 5.9 - MEDIUM | 2019-05-09 | 2023-11-07 |
| CVE-2018-10184 | An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting ... | 7.5 - HIGH | 2018-05-09 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Haproxy | Haproxy | 2.1.4 | All | All | All |
| Application | Haproxy | Haproxy | 2.1.0 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.9 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.8 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.7 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.6 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.5 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.4 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.3 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.2 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.14 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.11 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.10 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.1 | All | All | All |
| Application | Haproxy | Haproxy | 2.0.0 | All | All | All |
| Application | Haproxy | Haproxy | 1.9.9 | All | All | All |
| Application | Haproxy | Haproxy | 1.9.8 | All | All | All |
| Application | Haproxy | Haproxy | 1.9.7 | All | All | All |
| Application | Haproxy | Haproxy | 1.9.6 | All | All | All |
| Application | Haproxy | Haproxy | 1.9.5 | All | All | All |