Search for packages
| purl | pkg:deb/debian/haproxy@1.8.19-1%2Bdeb10u3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2zm3-vw55-k3af
Aliases: CVE-2025-32464 |
haproxy: Buffer Overflow via Improper Back-Reference Replacement Length Check |
Affected by 3 other vulnerabilities. |
|
VCID-4zyf-tsw1-8bfv
Aliases: CVE-2019-19330 |
A vulnerability in HAProxy might lead to remote execution of arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-5q7p-8nxf-sfem
Aliases: CVE-2020-11100 |
A buffer overflow in HAProxy might allow an attacker to execute arbitrary code. |
Affected by 2 other vulnerabilities. |
|
VCID-93ba-zj92-zqf1
Aliases: CVE-2021-39240 |
haproxy: does not ensure that the scheme and path portions of a URI have the expected characters |
Affected by 2 other vulnerabilities. |
|
VCID-9gwz-6dnd-r7fj
Aliases: CVE-2019-18277 |
haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value |
Affected by 2 other vulnerabilities. |
|
VCID-a7s4-6k62-3qh2
Aliases: CVE-2022-0711 |
haproxy: Denial of service via set-cookie2 header |
Affected by 2 other vulnerabilities. |
|
VCID-atwp-g4uy-3qgg
Aliases: CVE-2021-39242 |
haproxy: it can lead to a situation with an attacker-controlled HTTP Host header because a mismatch between Host and authority is mishandled |
Affected by 2 other vulnerabilities. |
|
VCID-bb8w-k2e1-xbht
Aliases: CVE-2023-25725 |
haproxy: request smuggling attack in HTTP/1 header parsing |
Affected by 2 other vulnerabilities. |
|
VCID-jz63-5mba-3qbx
Aliases: CVE-2021-40346 |
haproxy: request smuggling attack or response splitting via duplicate content-length header |
Affected by 2 other vulnerabilities. |
|
VCID-mrdn-6cwg-j3h8
Aliases: CVE-2023-0836 |
haproxy: data leak via fcgi requests |
Affected by 2 other vulnerabilities. |
|
VCID-s86j-egny-77cu
Aliases: CVE-2023-45539 |
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers |
Affected by 2 other vulnerabilities. |
|
VCID-sy71-5m1g-2yav
Aliases: CVE-2021-39241 |
haproxy: an HTTP method name may contain a space followed by the name of a protected resource |
Affected by 2 other vulnerabilities. |
|
VCID-w1we-d8uq-s3hh
Aliases: CVE-2023-0056 |
haproxy: segfault DoS |
Affected by 2 other vulnerabilities. |
|
VCID-ygb3-7kb1-tqbc
Aliases: CVE-2023-40225 |
haproxy: Proxy forwards malformed empty Content-Length headers |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-31wf-mpnt-dycm | haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure |
CVE-2018-20102
|
| VCID-48er-rqvk-nyhg | haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service |
CVE-2018-20103
|
| VCID-4zyf-tsw1-8bfv | A vulnerability in HAProxy might lead to remote execution of arbitrary code. |
CVE-2019-19330
|
| VCID-5q7p-8nxf-sfem | A buffer overflow in HAProxy might allow an attacker to execute arbitrary code. |
CVE-2020-11100
|
| VCID-8e1s-dgj6-vyfq | haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash |
CVE-2018-20615
|