Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
Typedeb
Namespacedebian
Namehaproxy
Version1.8.19-1+deb10u3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.2.15-1
Latest_non_vulnerable_version3.2.15-1
Affected_by_vulnerabilities
0
url VCID-2zm3-vw55-k3af
vulnerability_id VCID-2zm3-vw55-k3af
summary haproxy: Buffer Overflow via Improper Back-Reference Replacement Length Check
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32464.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32464.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32464
reference_id
reference_type
scores
0
value 0.03342
scoring_system epss
scoring_elements 0.87261
published_at 2026-04-02T12:55:00Z
1
value 0.03342
scoring_system epss
scoring_elements 0.87324
published_at 2026-04-18T12:55:00Z
2
value 0.03342
scoring_system epss
scoring_elements 0.87309
published_at 2026-04-12T12:55:00Z
3
value 0.03342
scoring_system epss
scoring_elements 0.87305
published_at 2026-04-13T12:55:00Z
4
value 0.03342
scoring_system epss
scoring_elements 0.8732
published_at 2026-04-16T12:55:00Z
5
value 0.03342
scoring_system epss
scoring_elements 0.87278
published_at 2026-04-04T12:55:00Z
6
value 0.03342
scoring_system epss
scoring_elements 0.87275
published_at 2026-04-07T12:55:00Z
7
value 0.03342
scoring_system epss
scoring_elements 0.87294
published_at 2026-04-08T12:55:00Z
8
value 0.03342
scoring_system epss
scoring_elements 0.87302
published_at 2026-04-09T12:55:00Z
9
value 0.03342
scoring_system epss
scoring_elements 0.87315
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32464
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32464
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32464
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102673
reference_id 1102673
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102673
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2358543
reference_id 2358543
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2358543
6
reference_url https://github.com/haproxy/haproxy/commit/3e3b9eebf871510aee36c3a3336faac2f38c9559
reference_id 3e3b9eebf871510aee36c3a3336faac2f38c9559
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T19:23:34Z/
url https://github.com/haproxy/haproxy/commit/3e3b9eebf871510aee36c3a3336faac2f38c9559
7
reference_url https://usn.ubuntu.com/7431-1/
reference_id USN-7431-1
reference_type
scores
url https://usn.ubuntu.com/7431-1/
8
reference_url https://usn.ubuntu.com/7431-2/
reference_id USN-7431-2
reference_type
scores
url https://usn.ubuntu.com/7431-2/
fixed_packages
0
url pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3
purl pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mfq-cvmr-nbf8
1
vulnerability VCID-97wa-uwp2-57gu
2
vulnerability VCID-rj2h-pnmf-mufp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.6.12-1%252Bdeb12u3
aliases CVE-2025-32464
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zm3-vw55-k3af
1
url VCID-4zyf-tsw1-8bfv
vulnerability_id VCID-4zyf-tsw1-8bfv
summary 
A vulnerability in HAProxy might lead to remote execution of
    arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19330.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19330
reference_id
reference_type
scores
0
value 0.00957
scoring_system epss
scoring_elements 0.76385
published_at 2026-04-01T12:55:00Z
1
value 0.00957
scoring_system epss
scoring_elements 0.76389
published_at 2026-04-02T12:55:00Z
2
value 0.00957
scoring_system epss
scoring_elements 0.76418
published_at 2026-04-04T12:55:00Z
3
value 0.00957
scoring_system epss
scoring_elements 0.76399
published_at 2026-04-07T12:55:00Z
4
value 0.00957
scoring_system epss
scoring_elements 0.76432
published_at 2026-04-08T12:55:00Z
5
value 0.00957
scoring_system epss
scoring_elements 0.76445
published_at 2026-04-09T12:55:00Z
6
value 0.00957
scoring_system epss
scoring_elements 0.76471
published_at 2026-04-11T12:55:00Z
7
value 0.00957
scoring_system epss
scoring_elements 0.76449
published_at 2026-04-12T12:55:00Z
8
value 0.00957
scoring_system epss
scoring_elements 0.76443
published_at 2026-04-13T12:55:00Z
9
value 0.00957
scoring_system epss
scoring_elements 0.76483
published_at 2026-04-16T12:55:00Z
10
value 0.00957
scoring_system epss
scoring_elements 0.76488
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19330
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19330
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1777584
reference_id 1777584
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1777584
5
reference_url https://security.gentoo.org/glsa/202004-01
reference_id GLSA-202004-01
reference_type
scores
url https://security.gentoo.org/glsa/202004-01
6
reference_url https://access.redhat.com/errata/RHSA-2020:1287
reference_id RHSA-2020:1287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1287
7
reference_url https://access.redhat.com/errata/RHSA-2020:1725
reference_id RHSA-2020:1725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1725
8
reference_url https://access.redhat.com/errata/RHSA-2020:1936
reference_id RHSA-2020:1936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1936
9
reference_url https://access.redhat.com/errata/RHSA-2020:2265
reference_id RHSA-2020:2265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2265
10
reference_url https://usn.ubuntu.com/4212-1/
reference_id USN-4212-1
reference_type
scores
url https://usn.ubuntu.com/4212-1/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2019-19330
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zyf-tsw1-8bfv
2
url VCID-5q7p-8nxf-sfem
vulnerability_id VCID-5q7p-8nxf-sfem
summary 
A buffer overflow in HAProxy might allow an attacker to execute
    arbitrary code.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html
1
reference_url http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11100.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11100.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11100
reference_id
reference_type
scores
0
value 0.74791
scoring_system epss
scoring_elements 0.98851
published_at 2026-04-01T12:55:00Z
1
value 0.74791
scoring_system epss
scoring_elements 0.98866
published_at 2026-04-18T12:55:00Z
2
value 0.74791
scoring_system epss
scoring_elements 0.98857
published_at 2026-04-09T12:55:00Z
3
value 0.74791
scoring_system epss
scoring_elements 0.9886
published_at 2026-04-12T12:55:00Z
4
value 0.74791
scoring_system epss
scoring_elements 0.98861
published_at 2026-04-13T12:55:00Z
5
value 0.74791
scoring_system epss
scoring_elements 0.98864
published_at 2026-04-16T12:55:00Z
6
value 0.74791
scoring_system epss
scoring_elements 0.98853
published_at 2026-04-02T12:55:00Z
7
value 0.74791
scoring_system epss
scoring_elements 0.98855
published_at 2026-04-04T12:55:00Z
8
value 0.74791
scoring_system epss
scoring_elements 0.98856
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11100
4
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1168023
reference_id
reference_type
scores
url https://bugzilla.suse.com/show_bug.cgi?id=1168023
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11100
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11100
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88
reference_id
reference_type
scores
url https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88
8
reference_url https://lists.debian.org/debian-security-announce/2020/msg00052.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-security-announce/2020/msg00052.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/
11
reference_url https://www.debian.org/security/2020/dsa-4649
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4649
12
reference_url https://www.haproxy.org/download/2.1/src/CHANGELOG
reference_id
reference_type
scores
url https://www.haproxy.org/download/2.1/src/CHANGELOG
13
reference_url https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html
reference_id
reference_type
scores
url https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html
14
reference_url http://www.haproxy.org
reference_id
reference_type
scores
url http://www.haproxy.org
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1819111
reference_id 1819111
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1819111
16
reference_url https://security.archlinux.org/ASA-202004-7
reference_id ASA-202004-7
reference_type
scores
url https://security.archlinux.org/ASA-202004-7
17
reference_url https://security.archlinux.org/AVG-1124
reference_id AVG-1124
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1124
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11100
reference_id CVE-2020-11100
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2020-11100
28
reference_url https://security.gentoo.org/glsa/202012-22
reference_id GLSA-202012-22
reference_type
scores
url https://security.gentoo.org/glsa/202012-22
29
reference_url https://access.redhat.com/errata/RHSA-2020:1287
reference_id RHSA-2020:1287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1287
30
reference_url https://access.redhat.com/errata/RHSA-2020:1288
reference_id RHSA-2020:1288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1288
31
reference_url https://access.redhat.com/errata/RHSA-2020:1289
reference_id RHSA-2020:1289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1289
32
reference_url https://access.redhat.com/errata/RHSA-2020:1290
reference_id RHSA-2020:1290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1290
33
reference_url https://access.redhat.com/errata/RHSA-2020:1936
reference_id RHSA-2020:1936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1936
34
reference_url https://usn.ubuntu.com/4321-1/
reference_id USN-4321-1
reference_type
scores
url https://usn.ubuntu.com/4321-1/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2020-11100
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5q7p-8nxf-sfem
3
url VCID-93ba-zj92-zqf1
vulnerability_id VCID-93ba-zj92-zqf1
summary haproxy: does not ensure that the scheme and path portions of a URI have the expected characters
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39240.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39240.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39240
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20318
published_at 2026-04-01T12:55:00Z
1
value 0.00066
scoring_system epss
scoring_elements 0.20303
published_at 2026-04-18T12:55:00Z
2
value 0.00066
scoring_system epss
scoring_elements 0.20312
published_at 2026-04-13T12:55:00Z
3
value 0.00066
scoring_system epss
scoring_elements 0.203
published_at 2026-04-16T12:55:00Z
4
value 0.00066
scoring_system epss
scoring_elements 0.20461
published_at 2026-04-02T12:55:00Z
5
value 0.00066
scoring_system epss
scoring_elements 0.2052
published_at 2026-04-04T12:55:00Z
6
value 0.00066
scoring_system epss
scoring_elements 0.20245
published_at 2026-04-07T12:55:00Z
7
value 0.00066
scoring_system epss
scoring_elements 0.20326
published_at 2026-04-08T12:55:00Z
8
value 0.00066
scoring_system epss
scoring_elements 0.20384
published_at 2026-04-09T12:55:00Z
9
value 0.00066
scoring_system epss
scoring_elements 0.20413
published_at 2026-04-11T12:55:00Z
10
value 0.00066
scoring_system epss
scoring_elements 0.20369
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39240
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39240
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39240
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39241
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39242
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1995104
reference_id 1995104
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1995104
7
reference_url https://security.archlinux.org/AVG-2304
reference_id AVG-2304
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2304
8
reference_url https://access.redhat.com/errata/RHSA-2021:4118
reference_id RHSA-2021:4118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4118
9
reference_url https://access.redhat.com/errata/RHSA-2021:5208
reference_id RHSA-2021:5208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5208
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2021-39240
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93ba-zj92-zqf1
4
url VCID-9gwz-6dnd-r7fj
vulnerability_id VCID-9gwz-6dnd-r7fj
summary haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00016.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00016.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00019.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00019.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18277.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18277.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18277
reference_id
reference_type
scores
0
value 0.00967
scoring_system epss
scoring_elements 0.76525
published_at 2026-04-01T12:55:00Z
1
value 0.00967
scoring_system epss
scoring_elements 0.76627
published_at 2026-04-18T12:55:00Z
2
value 0.00967
scoring_system epss
scoring_elements 0.76588
published_at 2026-04-12T12:55:00Z
3
value 0.00967
scoring_system epss
scoring_elements 0.76581
published_at 2026-04-13T12:55:00Z
4
value 0.00967
scoring_system epss
scoring_elements 0.76623
published_at 2026-04-16T12:55:00Z
5
value 0.00967
scoring_system epss
scoring_elements 0.7653
published_at 2026-04-02T12:55:00Z
6
value 0.00967
scoring_system epss
scoring_elements 0.76559
published_at 2026-04-04T12:55:00Z
7
value 0.00967
scoring_system epss
scoring_elements 0.7654
published_at 2026-04-07T12:55:00Z
8
value 0.00967
scoring_system epss
scoring_elements 0.76572
published_at 2026-04-08T12:55:00Z
9
value 0.00967
scoring_system epss
scoring_elements 0.76582
published_at 2026-04-09T12:55:00Z
10
value 0.00967
scoring_system epss
scoring_elements 0.76609
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18277
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18277
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18277
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=196a7df44d8129d1adc795da020b722614d6a581
reference_id
reference_type
scores
url https://git.haproxy.org/?p=haproxy-2.0.git%3Ba=commit%3Bh=196a7df44d8129d1adc795da020b722614d6a581
7
reference_url https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html
8
reference_url https://nathandavison.com/blog/haproxy-http-request-smuggling
reference_id
reference_type
scores
url https://nathandavison.com/blog/haproxy-http-request-smuggling
9
reference_url https://www.mail-archive.com/haproxy%40formilux.org/msg34926.html
reference_id
reference_type
scores
url https://www.mail-archive.com/haproxy%40formilux.org/msg34926.html
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1759697
reference_id 1759697
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1759697
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18277
reference_id CVE-2019-18277
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-18277
13
reference_url https://access.redhat.com/errata/RHSA-2020:1287
reference_id RHSA-2020:1287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1287
14
reference_url https://access.redhat.com/errata/RHSA-2020:1725
reference_id RHSA-2020:1725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1725
15
reference_url https://access.redhat.com/errata/RHSA-2020:1936
reference_id RHSA-2020:1936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1936
16
reference_url https://access.redhat.com/errata/RHSA-2020:2265
reference_id RHSA-2020:2265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2265
17
reference_url https://usn.ubuntu.com/4174-1/
reference_id USN-4174-1
reference_type
scores
url https://usn.ubuntu.com/4174-1/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2019-18277
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gwz-6dnd-r7fj
5
url VCID-a7s4-6k62-3qh2
vulnerability_id VCID-a7s4-6k62-3qh2
summary haproxy: Denial of service via set-cookie2 header
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0711.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0711.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0711
reference_id
reference_type
scores
0
value 0.66484
scoring_system epss
scoring_elements 0.98521
published_at 2026-04-01T12:55:00Z
1
value 0.66484
scoring_system epss
scoring_elements 0.98523
published_at 2026-04-02T12:55:00Z
2
value 0.66484
scoring_system epss
scoring_elements 0.98526
published_at 2026-04-07T12:55:00Z
3
value 0.66484
scoring_system epss
scoring_elements 0.98529
published_at 2026-04-08T12:55:00Z
4
value 0.66484
scoring_system epss
scoring_elements 0.98531
published_at 2026-04-09T12:55:00Z
5
value 0.66484
scoring_system epss
scoring_elements 0.98532
published_at 2026-04-12T12:55:00Z
6
value 0.66484
scoring_system epss
scoring_elements 0.98533
published_at 2026-04-13T12:55:00Z
7
value 0.66484
scoring_system epss
scoring_elements 0.98538
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0711
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0711
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0711
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2053666
reference_id 2053666
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2053666
5
reference_url https://access.redhat.com/errata/RHSA-2022:1021
reference_id RHSA-2022:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1021
6
reference_url https://access.redhat.com/errata/RHSA-2022:1153
reference_id RHSA-2022:1153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1153
7
reference_url https://access.redhat.com/errata/RHSA-2022:1336
reference_id RHSA-2022:1336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1336
8
reference_url https://access.redhat.com/errata/RHSA-2022:1620
reference_id RHSA-2022:1620
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1620
9
reference_url https://usn.ubuntu.com/5312-1/
reference_id USN-5312-1
reference_type
scores
url https://usn.ubuntu.com/5312-1/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2022-0711
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7s4-6k62-3qh2
6
url VCID-atwp-g4uy-3qgg
vulnerability_id VCID-atwp-g4uy-3qgg
summary haproxy: it can lead to a situation with an attacker-controlled HTTP Host header because a mismatch between Host and authority is mishandled
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39242.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39242.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39242
reference_id
reference_type
scores
0
value 0.00467
scoring_system epss
scoring_elements 0.64367
published_at 2026-04-01T12:55:00Z
1
value 0.00467
scoring_system epss
scoring_elements 0.64495
published_at 2026-04-18T12:55:00Z
2
value 0.00467
scoring_system epss
scoring_elements 0.64449
published_at 2026-04-13T12:55:00Z
3
value 0.00467
scoring_system epss
scoring_elements 0.64484
published_at 2026-04-16T12:55:00Z
4
value 0.00467
scoring_system epss
scoring_elements 0.64421
published_at 2026-04-02T12:55:00Z
5
value 0.00467
scoring_system epss
scoring_elements 0.64451
published_at 2026-04-04T12:55:00Z
6
value 0.00467
scoring_system epss
scoring_elements 0.6441
published_at 2026-04-07T12:55:00Z
7
value 0.00467
scoring_system epss
scoring_elements 0.64458
published_at 2026-04-08T12:55:00Z
8
value 0.00467
scoring_system epss
scoring_elements 0.64474
published_at 2026-04-09T12:55:00Z
9
value 0.00467
scoring_system epss
scoring_elements 0.6449
published_at 2026-04-11T12:55:00Z
10
value 0.00467
scoring_system epss
scoring_elements 0.64478
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39242
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39240
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39240
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39241
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39242
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1995112
reference_id 1995112
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1995112
7
reference_url https://security.archlinux.org/AVG-2304
reference_id AVG-2304
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2304
8
reference_url https://access.redhat.com/errata/RHSA-2021:4118
reference_id RHSA-2021:4118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4118
9
reference_url https://access.redhat.com/errata/RHSA-2021:5208
reference_id RHSA-2021:5208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5208
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2021-39242
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-atwp-g4uy-3qgg
7
url VCID-bb8w-k2e1-xbht
vulnerability_id VCID-bb8w-k2e1-xbht
summary haproxy: request smuggling attack in HTTP/1 header parsing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25725.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25725.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25725
reference_id
reference_type
scores
0
value 0.20036
scoring_system epss
scoring_elements 0.95486
published_at 2026-04-18T12:55:00Z
1
value 0.29937
scoring_system epss
scoring_elements 0.96629
published_at 2026-04-04T12:55:00Z
2
value 0.29937
scoring_system epss
scoring_elements 0.96623
published_at 2026-04-02T12:55:00Z
3
value 0.29937
scoring_system epss
scoring_elements 0.96654
published_at 2026-04-16T12:55:00Z
4
value 0.29937
scoring_system epss
scoring_elements 0.96647
published_at 2026-04-13T12:55:00Z
5
value 0.29937
scoring_system epss
scoring_elements 0.96645
published_at 2026-04-12T12:55:00Z
6
value 0.29937
scoring_system epss
scoring_elements 0.96644
published_at 2026-04-11T12:55:00Z
7
value 0.29937
scoring_system epss
scoring_elements 0.96642
published_at 2026-04-09T12:55:00Z
8
value 0.29937
scoring_system epss
scoring_elements 0.9664
published_at 2026-04-08T12:55:00Z
9
value 0.29937
scoring_system epss
scoring_elements 0.96632
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25725
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0056
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25725
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25725
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2169089
reference_id 2169089
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2169089
6
reference_url https://www.debian.org/security/2023/dsa-5348
reference_id dsa-5348
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/
url https://www.debian.org/security/2023/dsa-5348
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/
reference_id FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/
reference_id JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/
9
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html
reference_id msg00012.html
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html
10
reference_url https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112
reference_id ?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/
url https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112
11
reference_url https://access.redhat.com/errata/RHSA-2023:1268
reference_id RHSA-2023:1268
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1268
12
reference_url https://access.redhat.com/errata/RHSA-2023:1325
reference_id RHSA-2023:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1325
13
reference_url https://access.redhat.com/errata/RHSA-2023:1655
reference_id RHSA-2023:1655
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1655
14
reference_url https://access.redhat.com/errata/RHSA-2023:1696
reference_id RHSA-2023:1696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1696
15
reference_url https://access.redhat.com/errata/RHSA-2023:1978
reference_id RHSA-2023:1978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1978
16
reference_url https://access.redhat.com/errata/RHSA-2024:0746
reference_id RHSA-2024:0746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0746
17
reference_url https://usn.ubuntu.com/5869-1/
reference_id USN-5869-1
reference_type
scores
url https://usn.ubuntu.com/5869-1/
18
reference_url https://usn.ubuntu.com/7135-1/
reference_id USN-7135-1
reference_type
scores
url https://usn.ubuntu.com/7135-1/
19
reference_url https://www.haproxy.org/
reference_id www.haproxy.org
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T19:12:55Z/
url https://www.haproxy.org/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2023-25725
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bb8w-k2e1-xbht
8
url VCID-jz63-5mba-3qbx
vulnerability_id VCID-jz63-5mba-3qbx
summary haproxy: request smuggling attack or response splitting via duplicate content-length header
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40346.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40346.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40346
reference_id
reference_type
scores
0
value 0.92378
scoring_system epss
scoring_elements 0.99724
published_at 2026-04-01T12:55:00Z
1
value 0.92378
scoring_system epss
scoring_elements 0.99728
published_at 2026-04-18T12:55:00Z
2
value 0.92378
scoring_system epss
scoring_elements 0.99726
published_at 2026-04-13T12:55:00Z
3
value 0.92378
scoring_system epss
scoring_elements 0.99727
published_at 2026-04-16T12:55:00Z
4
value 0.92378
scoring_system epss
scoring_elements 0.99725
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40346
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40346
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40346
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2000599
reference_id 2000599
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2000599
5
reference_url https://security.archlinux.org/AVG-2343
reference_id AVG-2343
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2343
6
reference_url https://access.redhat.com/errata/RHSA-2021:4118
reference_id RHSA-2021:4118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4118
7
reference_url https://access.redhat.com/errata/RHSA-2021:5208
reference_id RHSA-2021:5208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5208
8
reference_url https://access.redhat.com/errata/RHSA-2022:0024
reference_id RHSA-2022:0024
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0024
9
reference_url https://access.redhat.com/errata/RHSA-2022:0114
reference_id RHSA-2022:0114
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0114
10
reference_url https://usn.ubuntu.com/5063-1/
reference_id USN-5063-1
reference_type
scores
url https://usn.ubuntu.com/5063-1/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2021-40346
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jz63-5mba-3qbx
9
url VCID-mrdn-6cwg-j3h8
vulnerability_id VCID-mrdn-6cwg-j3h8
summary haproxy: data leak via fcgi requests
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0836.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0836.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0836
reference_id
reference_type
scores
0
value 5e-05
scoring_system epss
scoring_elements 0.00225
published_at 2026-04-04T12:55:00Z
1
value 5e-05
scoring_system epss
scoring_elements 0.00223
published_at 2026-04-02T12:55:00Z
2
value 5e-05
scoring_system epss
scoring_elements 0.0022
published_at 2026-04-13T12:55:00Z
3
value 5e-05
scoring_system epss
scoring_elements 0.00221
published_at 2026-04-12T12:55:00Z
4
value 5e-05
scoring_system epss
scoring_elements 0.00222
published_at 2026-04-11T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.00282
published_at 2026-04-18T12:55:00Z
6
value 6e-05
scoring_system epss
scoring_elements 0.00279
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0836
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0836
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2180746
reference_id 2180746
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2180746
5
reference_url https://www.debian.org/security/2023/dsa-5388
reference_id dsa-5388
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T16:41:58Z/
url https://www.debian.org/security/2023/dsa-5388
6
reference_url https://git.haproxy.org/?p=haproxy.git%3Ba=commitdiff%3Bh=2e6bf0a
reference_id ?p=haproxy.git%3Ba=commitdiff%3Bh=2e6bf0a
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T16:41:58Z/
url https://git.haproxy.org/?p=haproxy.git%3Ba=commitdiff%3Bh=2e6bf0a
7
reference_url https://access.redhat.com/errata/RHSA-2023:6496
reference_id RHSA-2023:6496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6496
8
reference_url https://usn.ubuntu.com/5994-1/
reference_id USN-5994-1
reference_type
scores
url https://usn.ubuntu.com/5994-1/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2023-0836
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mrdn-6cwg-j3h8
10
url VCID-s86j-egny-77cu
vulnerability_id VCID-s86j-egny-77cu
summary haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45539.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45539.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-45539
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07664
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07628
published_at 2026-04-18T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07707
published_at 2026-04-04T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.0767
published_at 2026-04-07T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.0773
published_at 2026-04-08T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07748
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-11T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07733
published_at 2026-04-12T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07717
published_at 2026-04-13T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07641
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-45539
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40225
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45539
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://lists.w3.org/Archives/Public/ietf-http-wg/2023JulSep/0070.html
reference_id 0070.html
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:42Z/
url https://lists.w3.org/Archives/Public/ietf-http-wg/2023JulSep/0070.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2253037
reference_id 2253037
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2253037
7
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:42Z/
url https://lists.debian.org/debian-lts-announce/2023/12/msg00010.html
8
reference_url https://www.mail-archive.com/haproxy%40formilux.org/msg43861.html
reference_id msg43861.html
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:42Z/
url https://www.mail-archive.com/haproxy%40formilux.org/msg43861.html
9
reference_url https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=2eab6d354322932cfec2ed54de261e4347eca9a6
reference_id ?p=haproxy.git%3Ba=commit%3Bh=2eab6d354322932cfec2ed54de261e4347eca9a6
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:28:42Z/
url https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=2eab6d354322932cfec2ed54de261e4347eca9a6
10
reference_url https://access.redhat.com/errata/RHSA-2024:10267
reference_id RHSA-2024:10267
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10267
11
reference_url https://access.redhat.com/errata/RHSA-2024:10271
reference_id RHSA-2024:10271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10271
12
reference_url https://access.redhat.com/errata/RHSA-2024:1089
reference_id RHSA-2024:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1089
13
reference_url https://access.redhat.com/errata/RHSA-2024:1142
reference_id RHSA-2024:1142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1142
14
reference_url https://access.redhat.com/errata/RHSA-2024:4853
reference_id RHSA-2024:4853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4853
15
reference_url https://access.redhat.com/errata/RHSA-2024:6412
reference_id RHSA-2024:6412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6412
16
reference_url https://access.redhat.com/errata/RHSA-2024:8849
reference_id RHSA-2024:8849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8849
17
reference_url https://access.redhat.com/errata/RHSA-2024:8874
reference_id RHSA-2024:8874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8874
18
reference_url https://access.redhat.com/errata/RHSA-2024:9945
reference_id RHSA-2024:9945
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9945
19
reference_url https://usn.ubuntu.com/6530-1/
reference_id USN-6530-1
reference_type
scores
url https://usn.ubuntu.com/6530-1/
20
reference_url https://usn.ubuntu.com/6530-2/
reference_id USN-6530-2
reference_type
scores
url https://usn.ubuntu.com/6530-2/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2023-45539
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s86j-egny-77cu
11
url VCID-sy71-5m1g-2yav
vulnerability_id VCID-sy71-5m1g-2yav
summary haproxy: an HTTP method name may contain a space followed by the name of a protected resource
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39241.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39241.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-39241
reference_id
reference_type
scores
0
value 0.00444
scoring_system epss
scoring_elements 0.63293
published_at 2026-04-01T12:55:00Z
1
value 0.00444
scoring_system epss
scoring_elements 0.63422
published_at 2026-04-18T12:55:00Z
2
value 0.00444
scoring_system epss
scoring_elements 0.63432
published_at 2026-04-11T12:55:00Z
3
value 0.00444
scoring_system epss
scoring_elements 0.63414
published_at 2026-04-16T12:55:00Z
4
value 0.00444
scoring_system epss
scoring_elements 0.63353
published_at 2026-04-02T12:55:00Z
5
value 0.00444
scoring_system epss
scoring_elements 0.6338
published_at 2026-04-13T12:55:00Z
6
value 0.00444
scoring_system epss
scoring_elements 0.63346
published_at 2026-04-07T12:55:00Z
7
value 0.00444
scoring_system epss
scoring_elements 0.63397
published_at 2026-04-08T12:55:00Z
8
value 0.00444
scoring_system epss
scoring_elements 0.63415
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-39241
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39240
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39240
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39241
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39242
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1995107
reference_id 1995107
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1995107
7
reference_url https://security.archlinux.org/AVG-2304
reference_id AVG-2304
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2304
8
reference_url https://access.redhat.com/errata/RHSA-2021:4118
reference_id RHSA-2021:4118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4118
9
reference_url https://access.redhat.com/errata/RHSA-2021:5208
reference_id RHSA-2021:5208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5208
10
reference_url https://access.redhat.com/errata/RHSA-2022:0024
reference_id RHSA-2022:0024
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0024
11
reference_url https://access.redhat.com/errata/RHSA-2022:0114
reference_id RHSA-2022:0114
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0114
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2021-39241
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sy71-5m1g-2yav
12
url VCID-w1we-d8uq-s3hh
vulnerability_id VCID-w1we-d8uq-s3hh
summary haproxy: segfault DoS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0056.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0056.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0056
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37615
published_at 2026-04-07T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37711
published_at 2026-04-02T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.37736
published_at 2026-04-04T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.37666
published_at 2026-04-08T12:55:00Z
4
value 0.00166
scoring_system epss
scoring_elements 0.3768
published_at 2026-04-09T12:55:00Z
5
value 0.00192
scoring_system epss
scoring_elements 0.41226
published_at 2026-04-16T12:55:00Z
6
value 0.00192
scoring_system epss
scoring_elements 0.41229
published_at 2026-04-11T12:55:00Z
7
value 0.00192
scoring_system epss
scoring_elements 0.41197
published_at 2026-04-18T12:55:00Z
8
value 0.00192
scoring_system epss
scoring_elements 0.41183
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0056
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0056
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25725
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25725
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2160808
reference_id 2160808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2160808
6
reference_url https://access.redhat.com/security/cve/CVE-2023-0056
reference_id CVE-2023-0056
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T19:35:23Z/
url https://access.redhat.com/security/cve/CVE-2023-0056
7
reference_url https://access.redhat.com/errata/RHSA-2023:0727
reference_id RHSA-2023:0727
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0727
8
reference_url https://access.redhat.com/errata/RHSA-2023:1325
reference_id RHSA-2023:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1325
9
reference_url https://access.redhat.com/errata/RHSA-2023:1696
reference_id RHSA-2023:1696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1696
10
reference_url https://access.redhat.com/errata/RHSA-2023:1978
reference_id RHSA-2023:1978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1978
11
reference_url https://access.redhat.com/errata/RHSA-2024:0746
reference_id RHSA-2024:0746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0746
12
reference_url https://usn.ubuntu.com/5819-1/
reference_id USN-5819-1
reference_type
scores
url https://usn.ubuntu.com/5819-1/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2023-0056
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w1we-d8uq-s3hh
13
url VCID-ygb3-7kb1-tqbc
vulnerability_id VCID-ygb3-7kb1-tqbc
summary haproxy: Proxy forwards malformed empty Content-Length headers
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40225.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-40225
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07053
published_at 2026-04-02T12:55:00Z
1
value 0.00028
scoring_system epss
scoring_elements 0.07943
published_at 2026-04-18T12:55:00Z
2
value 0.00028
scoring_system epss
scoring_elements 0.08017
published_at 2026-04-07T12:55:00Z
3
value 0.00028
scoring_system epss
scoring_elements 0.08077
published_at 2026-04-08T12:55:00Z
4
value 0.00028
scoring_system epss
scoring_elements 0.08101
published_at 2026-04-09T12:55:00Z
5
value 0.00028
scoring_system epss
scoring_elements 0.08091
published_at 2026-04-11T12:55:00Z
6
value 0.00028
scoring_system epss
scoring_elements 0.0807
published_at 2026-04-12T12:55:00Z
7
value 0.00028
scoring_system epss
scoring_elements 0.08054
published_at 2026-04-13T12:55:00Z
8
value 0.00028
scoring_system epss
scoring_elements 0.07959
published_at 2026-04-16T12:55:00Z
9
value 0.00028
scoring_system epss
scoring_elements 0.08057
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-40225
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40225
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45539
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043502
reference_id 1043502
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043502
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2231370
reference_id 2231370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2231370
7
reference_url https://github.com/haproxy/haproxy/issues/2237
reference_id 2237
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:14:21Z/
url https://github.com/haproxy/haproxy/issues/2237
8
reference_url https://cwe.mitre.org/data/definitions/436.html
reference_id 436.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:14:21Z/
url https://cwe.mitre.org/data/definitions/436.html
9
reference_url https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856
reference_id 6492f1f29d738457ea9f382aca54537f35f9d856
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:14:21Z/
url https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856
10
reference_url https://www.haproxy.org/download/2.6/src/CHANGELOG
reference_id CHANGELOG
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:14:21Z/
url https://www.haproxy.org/download/2.6/src/CHANGELOG
11
reference_url https://www.haproxy.org/download/2.7/src/CHANGELOG
reference_id CHANGELOG
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:14:21Z/
url https://www.haproxy.org/download/2.7/src/CHANGELOG
12
reference_url https://www.haproxy.org/download/2.8/src/CHANGELOG
reference_id CHANGELOG
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:14:21Z/
url https://www.haproxy.org/download/2.8/src/CHANGELOG
13
reference_url https://access.redhat.com/errata/RHSA-2023:7473
reference_id RHSA-2023:7473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7473
14
reference_url https://access.redhat.com/errata/RHSA-2023:7606
reference_id RHSA-2023:7606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7606
15
reference_url https://access.redhat.com/errata/RHSA-2024:0200
reference_id RHSA-2024:0200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0200
16
reference_url https://access.redhat.com/errata/RHSA-2024:0308
reference_id RHSA-2024:0308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0308
17
reference_url https://access.redhat.com/errata/RHSA-2024:1089
reference_id RHSA-2024:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1089
18
reference_url https://access.redhat.com/errata/RHSA-2024:1142
reference_id RHSA-2024:1142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1142
19
reference_url https://usn.ubuntu.com/6294-1/
reference_id USN-6294-1
reference_type
scores
url https://usn.ubuntu.com/6294-1/
20
reference_url https://usn.ubuntu.com/6294-2/
reference_id USN-6294-2
reference_type
scores
url https://usn.ubuntu.com/6294-2/
fixed_packages
0
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2023-40225
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ygb3-7kb1-tqbc
Fixing_vulnerabilities
0
url VCID-31wf-mpnt-dycm
vulnerability_id VCID-31wf-mpnt-dycm
summary haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20102.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20102.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20102
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09068
published_at 2026-04-01T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.08985
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.0911
published_at 2026-04-13T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09005
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09074
published_at 2026-04-02T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09126
published_at 2026-04-08T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09046
published_at 2026-04-07T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09156
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09157
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09124
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20102
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20102
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20102
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1658874
reference_id 1658874
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1658874
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916308
reference_id 916308
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916308
6
reference_url https://security.archlinux.org/ASA-201901-15
reference_id ASA-201901-15
reference_type
scores
url https://security.archlinux.org/ASA-201901-15
7
reference_url https://security.archlinux.org/AVG-836
reference_id AVG-836
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-836
8
reference_url https://access.redhat.com/errata/RHSA-2019:0547
reference_id RHSA-2019:0547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0547
9
reference_url https://access.redhat.com/errata/RHSA-2019:1436
reference_id RHSA-2019:1436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1436
10
reference_url https://usn.ubuntu.com/3858-1/
reference_id USN-3858-1
reference_type
scores
url https://usn.ubuntu.com/3858-1/
fixed_packages
0
url pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
purl pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-4zyf-tsw1-8bfv
2
vulnerability VCID-5q7p-8nxf-sfem
3
vulnerability VCID-93ba-zj92-zqf1
4
vulnerability VCID-9gwz-6dnd-r7fj
5
vulnerability VCID-a7s4-6k62-3qh2
6
vulnerability VCID-atwp-g4uy-3qgg
7
vulnerability VCID-bb8w-k2e1-xbht
8
vulnerability VCID-jz63-5mba-3qbx
9
vulnerability VCID-mrdn-6cwg-j3h8
10
vulnerability VCID-s86j-egny-77cu
11
vulnerability VCID-sy71-5m1g-2yav
12
vulnerability VCID-w1we-d8uq-s3hh
13
vulnerability VCID-ygb3-7kb1-tqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@1.8.19-1%252Bdeb10u3
aliases CVE-2018-20102
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31wf-mpnt-dycm
1
url VCID-48er-rqvk-nyhg
vulnerability_id VCID-48er-rqvk-nyhg
summary haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20103.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20103.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20103
reference_id
reference_type
scores
0
value 0.001
scoring_system epss
scoring_elements 0.27737
published_at 2026-04-01T12:55:00Z
1
value 0.001
scoring_system epss
scoring_elements 0.276
published_at 2026-04-18T12:55:00Z
2
value 0.001
scoring_system epss
scoring_elements 0.27617
published_at 2026-04-13T12:55:00Z
3
value 0.001
scoring_system epss
scoring_elements 0.27626
published_at 2026-04-16T12:55:00Z
4
value 0.001
scoring_system epss
scoring_elements 0.27774
published_at 2026-04-02T12:55:00Z
5
value 0.001
scoring_system epss
scoring_elements 0.27813
published_at 2026-04-04T12:55:00Z
6
value 0.001
scoring_system epss
scoring_elements 0.27605
published_at 2026-04-07T12:55:00Z
7
value 0.001
scoring_system epss
scoring_elements 0.27671
published_at 2026-04-08T12:55:00Z
8
value 0.001
scoring_system epss
scoring_elements 0.27715
published_at 2026-04-09T12:55:00Z
9
value 0.001
scoring_system epss
scoring_elements 0.27719
published_at 2026-04-11T12:55:00Z
10
value 0.001
scoring_system epss
scoring_elements 0.27676
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20103
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20103
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20103
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1658876
reference_id 1658876
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1658876
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916307
reference_id 916307
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916307
6
reference_url https://security.archlinux.org/ASA-201901-15
reference_id ASA-201901-15
reference_type
scores
url https://security.archlinux.org/ASA-201901-15
7
reference_url https://security.archlinux.org/AVG-836
reference_id AVG-836
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-836
8
reference_url https://access.redhat.com/errata/RHSA-2019:1436
reference_id RHSA-2019:1436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1436
9
reference_url https://usn.ubuntu.com/3858-1/
reference_id USN-3858-1
reference_type
scores
url https://usn.ubuntu.com/3858-1/
fixed_packages
0
url pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
purl pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-4zyf-tsw1-8bfv
2
vulnerability VCID-5q7p-8nxf-sfem
3
vulnerability VCID-93ba-zj92-zqf1
4
vulnerability VCID-9gwz-6dnd-r7fj
5
vulnerability VCID-a7s4-6k62-3qh2
6
vulnerability VCID-atwp-g4uy-3qgg
7
vulnerability VCID-bb8w-k2e1-xbht
8
vulnerability VCID-jz63-5mba-3qbx
9
vulnerability VCID-mrdn-6cwg-j3h8
10
vulnerability VCID-s86j-egny-77cu
11
vulnerability VCID-sy71-5m1g-2yav
12
vulnerability VCID-w1we-d8uq-s3hh
13
vulnerability VCID-ygb3-7kb1-tqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@1.8.19-1%252Bdeb10u3
aliases CVE-2018-20103
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48er-rqvk-nyhg
2
url VCID-4zyf-tsw1-8bfv
vulnerability_id VCID-4zyf-tsw1-8bfv
summary 
A vulnerability in HAProxy might lead to remote execution of
    arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19330.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19330
reference_id
reference_type
scores
0
value 0.00957
scoring_system epss
scoring_elements 0.76385
published_at 2026-04-01T12:55:00Z
1
value 0.00957
scoring_system epss
scoring_elements 0.76389
published_at 2026-04-02T12:55:00Z
2
value 0.00957
scoring_system epss
scoring_elements 0.76418
published_at 2026-04-04T12:55:00Z
3
value 0.00957
scoring_system epss
scoring_elements 0.76399
published_at 2026-04-07T12:55:00Z
4
value 0.00957
scoring_system epss
scoring_elements 0.76432
published_at 2026-04-08T12:55:00Z
5
value 0.00957
scoring_system epss
scoring_elements 0.76445
published_at 2026-04-09T12:55:00Z
6
value 0.00957
scoring_system epss
scoring_elements 0.76471
published_at 2026-04-11T12:55:00Z
7
value 0.00957
scoring_system epss
scoring_elements 0.76449
published_at 2026-04-12T12:55:00Z
8
value 0.00957
scoring_system epss
scoring_elements 0.76443
published_at 2026-04-13T12:55:00Z
9
value 0.00957
scoring_system epss
scoring_elements 0.76483
published_at 2026-04-16T12:55:00Z
10
value 0.00957
scoring_system epss
scoring_elements 0.76488
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19330
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19330
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1777584
reference_id 1777584
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1777584
5
reference_url https://security.gentoo.org/glsa/202004-01
reference_id GLSA-202004-01
reference_type
scores
url https://security.gentoo.org/glsa/202004-01
6
reference_url https://access.redhat.com/errata/RHSA-2020:1287
reference_id RHSA-2020:1287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1287
7
reference_url https://access.redhat.com/errata/RHSA-2020:1725
reference_id RHSA-2020:1725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1725
8
reference_url https://access.redhat.com/errata/RHSA-2020:1936
reference_id RHSA-2020:1936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1936
9
reference_url https://access.redhat.com/errata/RHSA-2020:2265
reference_id RHSA-2020:2265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2265
10
reference_url https://usn.ubuntu.com/4212-1/
reference_id USN-4212-1
reference_type
scores
url https://usn.ubuntu.com/4212-1/
fixed_packages
0
url pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
purl pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-4zyf-tsw1-8bfv
2
vulnerability VCID-5q7p-8nxf-sfem
3
vulnerability VCID-93ba-zj92-zqf1
4
vulnerability VCID-9gwz-6dnd-r7fj
5
vulnerability VCID-a7s4-6k62-3qh2
6
vulnerability VCID-atwp-g4uy-3qgg
7
vulnerability VCID-bb8w-k2e1-xbht
8
vulnerability VCID-jz63-5mba-3qbx
9
vulnerability VCID-mrdn-6cwg-j3h8
10
vulnerability VCID-s86j-egny-77cu
11
vulnerability VCID-sy71-5m1g-2yav
12
vulnerability VCID-w1we-d8uq-s3hh
13
vulnerability VCID-ygb3-7kb1-tqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@1.8.19-1%252Bdeb10u3
1
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2019-19330
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zyf-tsw1-8bfv
3
url VCID-5q7p-8nxf-sfem
vulnerability_id VCID-5q7p-8nxf-sfem
summary 
A buffer overflow in HAProxy might allow an attacker to execute
    arbitrary code.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html
1
reference_url http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11100.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11100.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11100
reference_id
reference_type
scores
0
value 0.74791
scoring_system epss
scoring_elements 0.98851
published_at 2026-04-01T12:55:00Z
1
value 0.74791
scoring_system epss
scoring_elements 0.98866
published_at 2026-04-18T12:55:00Z
2
value 0.74791
scoring_system epss
scoring_elements 0.98857
published_at 2026-04-09T12:55:00Z
3
value 0.74791
scoring_system epss
scoring_elements 0.9886
published_at 2026-04-12T12:55:00Z
4
value 0.74791
scoring_system epss
scoring_elements 0.98861
published_at 2026-04-13T12:55:00Z
5
value 0.74791
scoring_system epss
scoring_elements 0.98864
published_at 2026-04-16T12:55:00Z
6
value 0.74791
scoring_system epss
scoring_elements 0.98853
published_at 2026-04-02T12:55:00Z
7
value 0.74791
scoring_system epss
scoring_elements 0.98855
published_at 2026-04-04T12:55:00Z
8
value 0.74791
scoring_system epss
scoring_elements 0.98856
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11100
4
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1168023
reference_id
reference_type
scores
url https://bugzilla.suse.com/show_bug.cgi?id=1168023
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11100
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11100
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88
reference_id
reference_type
scores
url https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88
8
reference_url https://lists.debian.org/debian-security-announce/2020/msg00052.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-security-announce/2020/msg00052.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/
11
reference_url https://www.debian.org/security/2020/dsa-4649
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4649
12
reference_url https://www.haproxy.org/download/2.1/src/CHANGELOG
reference_id
reference_type
scores
url https://www.haproxy.org/download/2.1/src/CHANGELOG
13
reference_url https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html
reference_id
reference_type
scores
url https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html
14
reference_url http://www.haproxy.org
reference_id
reference_type
scores
url http://www.haproxy.org
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1819111
reference_id 1819111
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1819111
16
reference_url https://security.archlinux.org/ASA-202004-7
reference_id ASA-202004-7
reference_type
scores
url https://security.archlinux.org/ASA-202004-7
17
reference_url https://security.archlinux.org/AVG-1124
reference_id AVG-1124
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1124
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11100
reference_id CVE-2020-11100
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2020-11100
28
reference_url https://security.gentoo.org/glsa/202012-22
reference_id GLSA-202012-22
reference_type
scores
url https://security.gentoo.org/glsa/202012-22
29
reference_url https://access.redhat.com/errata/RHSA-2020:1287
reference_id RHSA-2020:1287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1287
30
reference_url https://access.redhat.com/errata/RHSA-2020:1288
reference_id RHSA-2020:1288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1288
31
reference_url https://access.redhat.com/errata/RHSA-2020:1289
reference_id RHSA-2020:1289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1289
32
reference_url https://access.redhat.com/errata/RHSA-2020:1290
reference_id RHSA-2020:1290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1290
33
reference_url https://access.redhat.com/errata/RHSA-2020:1936
reference_id RHSA-2020:1936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1936
34
reference_url https://usn.ubuntu.com/4321-1/
reference_id USN-4321-1
reference_type
scores
url https://usn.ubuntu.com/4321-1/
fixed_packages
0
url pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
purl pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-4zyf-tsw1-8bfv
2
vulnerability VCID-5q7p-8nxf-sfem
3
vulnerability VCID-93ba-zj92-zqf1
4
vulnerability VCID-9gwz-6dnd-r7fj
5
vulnerability VCID-a7s4-6k62-3qh2
6
vulnerability VCID-atwp-g4uy-3qgg
7
vulnerability VCID-bb8w-k2e1-xbht
8
vulnerability VCID-jz63-5mba-3qbx
9
vulnerability VCID-mrdn-6cwg-j3h8
10
vulnerability VCID-s86j-egny-77cu
11
vulnerability VCID-sy71-5m1g-2yav
12
vulnerability VCID-w1we-d8uq-s3hh
13
vulnerability VCID-ygb3-7kb1-tqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@1.8.19-1%252Bdeb10u3
1
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6
aliases CVE-2020-11100
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5q7p-8nxf-sfem
4
url VCID-8e1s-dgj6-vyfq
vulnerability_id VCID-8e1s-dgj6-vyfq
summary haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html
1
reference_url https://access.redhat.com/errata/RHBA-2019:0327
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHBA-2019:0327
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20615.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20615.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20615
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37523
published_at 2026-04-01T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37654
published_at 2026-04-18T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.37653
published_at 2026-04-12T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.37625
published_at 2026-04-13T12:55:00Z
4
value 0.00166
scoring_system epss
scoring_elements 0.37672
published_at 2026-04-16T12:55:00Z
5
value 0.00166
scoring_system epss
scoring_elements 0.37705
published_at 2026-04-02T12:55:00Z
6
value 0.00166
scoring_system epss
scoring_elements 0.3773
published_at 2026-04-04T12:55:00Z
7
value 0.00166
scoring_system epss
scoring_elements 0.37609
published_at 2026-04-07T12:55:00Z
8
value 0.00166
scoring_system epss
scoring_elements 0.3766
published_at 2026-04-08T12:55:00Z
9
value 0.00166
scoring_system epss
scoring_elements 0.37673
published_at 2026-04-09T12:55:00Z
10
value 0.00166
scoring_system epss
scoring_elements 0.37687
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20615
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20615
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20615
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html
reference_id
reference_type
scores
url https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html
7
reference_url http://www.securityfocus.com/bid/106645
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106645
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1663060
reference_id 1663060
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1663060
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:-:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:-:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev0:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev0:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev1:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev1:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev10:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev10:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev10:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev11:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev11:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev11:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev2:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev2:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev3:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev3:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev4:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev4:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev5:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev5:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev5:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev6:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev6:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev6:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev7:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev7:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev7:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev8:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev8:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev8:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev9:*:*:*:*:*:*
reference_id cpe:2.3:a:haproxy:haproxy:1.9.0:dev9:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:haproxy:haproxy:1.9.0:dev9:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-20615
reference_id CVE-2018-20615
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-20615
33
reference_url https://access.redhat.com/errata/RHSA-2019:0275
reference_id RHSA-2019:0275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0275
34
reference_url https://access.redhat.com/errata/RHSA-2019:0547
reference_id RHSA-2019:0547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0547
35
reference_url https://access.redhat.com/errata/RHSA-2019:0548
reference_id RHSA-2019:0548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:0548
36
reference_url https://usn.ubuntu.com/3858-1/
reference_id USN-3858-1
reference_type
scores
url https://usn.ubuntu.com/3858-1/
fixed_packages
0
url pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
purl pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2zm3-vw55-k3af
1
vulnerability VCID-4zyf-tsw1-8bfv
2
vulnerability VCID-5q7p-8nxf-sfem
3
vulnerability VCID-93ba-zj92-zqf1
4
vulnerability VCID-9gwz-6dnd-r7fj
5
vulnerability VCID-a7s4-6k62-3qh2
6
vulnerability VCID-atwp-g4uy-3qgg
7
vulnerability VCID-bb8w-k2e1-xbht
8
vulnerability VCID-jz63-5mba-3qbx
9
vulnerability VCID-mrdn-6cwg-j3h8
10
vulnerability VCID-s86j-egny-77cu
11
vulnerability VCID-sy71-5m1g-2yav
12
vulnerability VCID-w1we-d8uq-s3hh
13
vulnerability VCID-ygb3-7kb1-tqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@1.8.19-1%252Bdeb10u3
aliases CVE-2018-20615
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8e1s-dgj6-vyfq
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@1.8.19-1%252Bdeb10u3