Search for packages
| purl | pkg:rpm/redhat/haproxy@2.2.13-2?arch=el7 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-93ba-zj92-zqf1
Aliases: CVE-2021-39240 |
haproxy: does not ensure that the scheme and path portions of a URI have the expected characters | There are no reported fixed by versions. |
|
VCID-atwp-g4uy-3qgg
Aliases: CVE-2021-39242 |
haproxy: it can lead to a situation with an attacker-controlled HTTP Host header because a mismatch between Host and authority is mishandled | There are no reported fixed by versions. |
|
VCID-jz63-5mba-3qbx
Aliases: CVE-2021-40346 |
haproxy: request smuggling attack or response splitting via duplicate content-length header | There are no reported fixed by versions. |
|
VCID-sy71-5m1g-2yav
Aliases: CVE-2021-39241 |
haproxy: an HTTP method name may contain a space followed by the name of a protected resource | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:01:36.773277+00:00 | RedHat Importer | Affected by | VCID-atwp-g4uy-3qgg | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39242.json | 38.0.0 |
| 2026-04-01T14:01:36.726765+00:00 | RedHat Importer | Affected by | VCID-sy71-5m1g-2yav | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39241.json | 38.0.0 |
| 2026-04-01T14:01:36.641529+00:00 | RedHat Importer | Affected by | VCID-93ba-zj92-zqf1 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39240.json | 38.0.0 |
| 2026-04-01T14:01:27.825960+00:00 | RedHat Importer | Affected by | VCID-jz63-5mba-3qbx | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40346.json | 38.0.0 |