Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-11100 (GCVE-0-2020-11100)
Vulnerability from cvelistv5 – Published: 2020-04-02 14:23 – Updated: 2024-08-04 11:21
VLAI
EPSS
Summary
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
14 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.haproxy.org"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"name": "openSUSE-SU-2020:0444",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"name": "FEDORA-2020-16cd111544",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/"
},
{
"name": "DSA-4649",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"name": "USN-4321-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4321-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"name": "FEDORA-2020-13fd8b1721",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/"
},
{
"name": "GLSA-202012-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202012-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-24T15:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.haproxy.org"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"name": "openSUSE-SU-2020:0444",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"name": "FEDORA-2020-16cd111544",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/"
},
{
"name": "DSA-4649",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"name": "USN-4321-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4321-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"name": "FEDORA-2020-13fd8b1721",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/"
},
{
"name": "GLSA-202012-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202012-22"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.haproxy.org",
"refsource": "MISC",
"url": "http://www.haproxy.org"
},
{
"name": "https://www.haproxy.org/download/2.1/src/CHANGELOG",
"refsource": "CONFIRM",
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"name": "https://lists.debian.org/debian-security-announce/2020/msg00052.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"name": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html",
"refsource": "CONFIRM",
"url": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"name": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88",
"refsource": "CONFIRM",
"url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1168023",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"name": "openSUSE-SU-2020:0444",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"name": "FEDORA-2020-16cd111544",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/"
},
{
"name": "DSA-4649",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"name": "USN-4321-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4321-1/"
},
{
"name": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"name": "FEDORA-2020-13fd8b1721",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/"
},
{
"name": "GLSA-202012-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202012-22"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-11100",
"datePublished": "2020-04-02T14:23:05.000Z",
"dateReserved": "2020-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:21:14.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-11100",
"date": "2026-05-30",
"epss": "0.74396",
"percentile": "0.98867"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-11100\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-04-02T15:15:17.483\",\"lastModified\":\"2024-11-21T04:56:47.257\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.\"},{\"lang\":\"es\",\"value\":\"En la funci\u00f3n hpack_dht_insert en el archivo hpack-tbl.c en el decodificador HPACK en HAProxy versiones 1.8 hasta 2.x anteriores a 2.1.4, un atacante remoto puede escribir bytes arbitrarios alrededor de una determinada ubicaci\u00f3n en la pila (heap) por medio de una petici\u00f3n HTTP/2 dise\u00f1ada, causando posiblemente una ejecuci\u00f3n de c\u00f3digo remoto.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.8.0\",\"versionEndExcluding\":\"2.1.4\",\"matchCriteriaId\":\"2876323F-F324-48B3-BD7D-D559EA0E856E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F87326E-0B56-4356-A889-73D026DB1D4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.haproxy.org\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1819111\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1168023\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.debian.org/debian-security-announce/2020/msg00052.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202012-22\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4321-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4649\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.org/download/2.1/src/CHANGELOG\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.haproxy.org\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1819111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1168023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-security-announce/2020/msg00052.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202012-22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4321-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4649\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.haproxy.org/download/2.1/src/CHANGELOG\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Title
Уязвимость функции hpack_dht_insert (hpack-tbl.c) библиотеки сетевого программного обеспечения HAProxy, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным, вызвать отказ в обслуживании или оказать воздействие на целостность данных
Description
Уязвимость функции hpack_dht_insert (hpack-tbl.c) библиотеки сетевого программного обеспечения HAProxy связана с выходом операции за допустимые границы буфера данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к конфиденциальным данным, вызвать отказ в обслуживании или оказать воздействие на целостность данных через специально созданный HTTP/2 запрос
Severity
Vendor
Сообщество свободного программного обеспечения, Canonical Ltd., ООО «РусБИТех-Астра», Red Hat Inc., Novell Inc., Fedora Project, Willy Terreau
Software Name
Debian GNU/Linux, Ubuntu, Astra Linux Common Edition (запись в едином реестре российских программ №4433), Red Hat Enterprise Linux, OpenSUSE Leap, Fedora, OpenShift Container Platform, Red Hat Software Collections, HAProxy
Software Version
9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 2.12 «Орёл» (Astra Linux Common Edition), 8 (Red Hat Enterprise Linux), 15.1 (OpenSUSE Leap), 30 (Fedora), 8 (Debian GNU/Linux), 3.11 (OpenShift Container Platform), 10 (Debian GNU/Linux), 31 (Fedora), - (Red Hat Software Collections), 19.10 (Ubuntu), 8.0 Update Services for SAP Solutions (Red Hat Enterprise Linux), от 1.8.0 до 2.1.4 (HAProxy), 4.4 (OpenShift Container Platform)
Possible Mitigations
Использование рекомендаций:
Для haproxy:
Обновление программного обеспечения до 2.1.4 или более поздней версии
Для Debian:
Обновление программного обеспечения (пакета haproxy) до 1.8.19-1+deb10u2 или более поздней версии
Для программных продуктов Novell Inc.:
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2020-11100
Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/
Для Ubuntu:
https://usn.ubuntu.com/4321-1/
Для Astra Linux:
Обновление программного обеспечения (пакета haproxy) до 1.8.19-1+deb10u3 или более поздней версии
Reference
https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html
https://access.redhat.com/security/cve/CVE-2020-11100
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/
https://usn.ubuntu.com/4321-1/
https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88
https://nvd.nist.gov/vuln/detail/CVE-2020-11100
https://security-tracker.debian.org/tracker/CVE-2020-11100
CWE
CWE-787
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Canonical Ltd., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., Novell Inc., Fedora Project, Willy Terreau",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 2.12 \u00ab\u041e\u0440\u0451\u043b\u00bb (Astra Linux Common Edition), 8 (Red Hat Enterprise Linux), 15.1 (OpenSUSE Leap), 30 (Fedora), 8 (Debian GNU/Linux), 3.11 (OpenShift Container Platform), 10 (Debian GNU/Linux), 31 (Fedora), - (Red Hat Software Collections), 19.10 (Ubuntu), 8.0 Update Services for SAP Solutions (Red Hat Enterprise Linux), \u043e\u0442 1.8.0 \u0434\u043e 2.1.4 (HAProxy), 4.4 (OpenShift Container Platform)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f haproxy:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 2.1.4 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 haproxy) \u0434\u043e 1.8.19-1+deb10u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2020-11100\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/4321-1/\n\n\u0414\u043b\u044f Astra Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 haproxy) \u0434\u043e 1.8.19-1+deb10u3 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "02.04.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "25.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "13.05.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-02035",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-11100",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Ubuntu, Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Red Hat Enterprise Linux, OpenSUSE Leap, Fedora, OpenShift Container Platform, Red Hat Software Collections, HAProxy",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 18.04 LTS , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 2.12 \u00ab\u041e\u0440\u0451\u043b\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. OpenSUSE Leap 15.1 , Fedora Project Fedora 30 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Fedora Project Fedora 31 , Canonical Ltd. Ubuntu 19.10 , Red Hat Inc. Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 hpack_dht_insert (hpack-tbl.c) \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f HAProxy, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0435 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 hpack_dht_insert (hpack-tbl.c) \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f HAProxy \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0435 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 HTTP/2 \u0437\u0430\u043f\u0440\u043e\u0441",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html\nhttps://access.redhat.com/security/cve/CVE-2020-11100\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/\nhttps://usn.ubuntu.com/4321-1/\nhttps://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-11100\nhttps://security-tracker.debian.org/tracker/CVE-2020-11100",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
bit-haproxy-2020-11100
Vulnerability from bitnami_vulndb
Published
2024-03-06 10:55
Modified
2025-04-03 14:40
Summary
Details
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "haproxy",
"purl": "pkg:bitnami/haproxy"
},
"ranges": [
{
"events": [
{
"introduced": "1.8.0"
},
{
"fixed": "2.1.4"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2020-11100"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*"
],
"severity": "High"
},
"details": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.",
"id": "BIT-haproxy-2020-11100",
"modified": "2025-04-03T14:40:37.652Z",
"published": "2024-03-06T10:55:05.509Z",
"references": [
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"type": "WEB",
"url": "http://www.haproxy.org"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"type": "WEB",
"url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202012-22"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4321-1/"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"type": "WEB",
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"type": "WEB",
"url": "https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11100"
}
],
"schema_version": "1.5.0"
}
CERTFR-2020-AVI-185
Vulnerability from certfr_avis - Published: 2020-04-03 - Updated: 2020-04-03
Une vulnérabilité a été découverte dans HAProxy. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 8 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.0 x86_64 | ||
| Debian | N/A | Debian Buster versions antérieures à 1.8.19-1+deb10u2. | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64 | ||
| Red Hat | N/A | Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.6 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.0 ppc64le | ||
| Red Hat | N/A | Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.5 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le | ||
| Red Hat | N/A | Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64 | ||
| Red Hat | N/A | Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le | ||
| Red Hat | N/A | Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 8 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.0 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Debian Buster versions ant\u00e9rieures \u00e0 1.8.19-1+deb10u2.",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 8 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.6 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.0 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.5 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Software Collections (for RHEL Server) 1 for RHEL 7.7 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11100"
}
],
"initial_release_date": "2020-04-03T00:00:00",
"last_revision_date": "2020-04-03T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-185",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-04-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans HAProxy. Elle permet \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans HAProxy",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2020:1289 du 02 avril 2020",
"url": "https://access.redhat.com/errata/RHSA-2020:1289"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2020:1288 du 02 avril 2020",
"url": "https://access.redhat.com/errata/RHSA-2020:1288"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2020:1290 du 02 avril 2020",
"url": "https://access.redhat.com/errata/RHSA-2020:1290"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 4649-1 du 02 avril 2020",
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
}
]
}
CERTFR-2020-AVI-194
Vulnerability from certfr_avis - Published: 2020-04-08 - Updated: 2020-04-08
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | N/A | Red Hat OpenShift Container Platform for Power 3.11 ppc64le | ||
| Red Hat | N/A | MRG Realtime 2 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV 8 x86_64 | ||
| Red Hat | N/A | Red Hat OpenShift Container Platform 3.11 x86_64 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat OpenShift Container Platform for Power 3.11 ppc64le",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "MRG Realtime 2 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform 3.11 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-19330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19330"
},
{
"name": "CVE-2019-19527",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19527"
},
{
"name": "CVE-2019-17666",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17666"
},
{
"name": "CVE-2019-18277",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18277"
},
{
"name": "CVE-2019-14816",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14816"
},
{
"name": "CVE-2020-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11100"
}
],
"initial_release_date": "2020-04-08T00:00:00",
"last_revision_date": "2020-04-08T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-194",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-04-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRed Hat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2020:1353 du 07 avril 2020",
"url": "https://access.redhat.com/errata/RHSA-2020:1353"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2020:1378 du 07 avril 2020",
"url": "https://access.redhat.com/errata/RHSA-2020:1378"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2020:1287 du 07 avril 2020",
"url": "https://access.redhat.com/errata/RHSA-2020:1287"
}
]
}
Title
HAProxy缓冲区溢出漏洞
Description
HAProxy是法国HAProxy公司的一款开源的TCP/HTTP负载均衡服务器。该服务器提供4层、7层代理,并能支持上万级别的连接,具有高效、稳定等特点。
HAProxy 1.8版本至2.x版本(2.1.4版本已修复)中的HPACK解码器的hpack-tbl.c文件的hpack_dht_insert存在安全漏洞。远程攻击者可借助特制的HTTP/2请求利用该漏洞执行代码。
Severity
高
Patch Name
HAProxy缓冲区溢出漏洞的补丁
Patch Description
HAProxy是法国HAProxy公司的一款开源的TCP/HTTP负载均衡服务器。该服务器提供4层、7层代理,并能支持上万级别的连接,具有高效、稳定等特点。
HAProxy 1.8版本至2.x版本(2.1.4版本已修复)中的HPACK解码器的hpack-tbl.c文件的hpack_dht_insert存在安全漏洞。远程攻击者可借助特制的HTTP/2请求利用该漏洞执行代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://www.haproxy.org/download/2.1/src/CHANGELOG
Impacted products
| Name | HAProxy HAProxy >=1.8,<=2.1.4 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-11100"
}
},
"description": "HAProxy\u662f\u6cd5\u56fdHAProxy\u516c\u53f8\u7684\u4e00\u6b3e\u5f00\u6e90\u7684TCP/HTTP\u8d1f\u8f7d\u5747\u8861\u670d\u52a1\u5668\u3002\u8be5\u670d\u52a1\u5668\u63d0\u4f9b4\u5c42\u30017\u5c42\u4ee3\u7406\uff0c\u5e76\u80fd\u652f\u6301\u4e0a\u4e07\u7ea7\u522b\u7684\u8fde\u63a5\uff0c\u5177\u6709\u9ad8\u6548\u3001\u7a33\u5b9a\u7b49\u7279\u70b9\u3002\n\nHAProxy 1.8\u7248\u672c\u81f32.x\u7248\u672c\uff082.1.4\u7248\u672c\u5df2\u4fee\u590d\uff09\u4e2d\u7684HPACK\u89e3\u7801\u5668\u7684hpack-tbl.c\u6587\u4ef6\u7684hpack_dht_insert\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684HTTP/2\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.haproxy.org/download/2.1/src/CHANGELOG",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-23177",
"openTime": "2020-04-16",
"patchDescription": "HAProxy\u662f\u6cd5\u56fdHAProxy\u516c\u53f8\u7684\u4e00\u6b3e\u5f00\u6e90\u7684TCP/HTTP\u8d1f\u8f7d\u5747\u8861\u670d\u52a1\u5668\u3002\u8be5\u670d\u52a1\u5668\u63d0\u4f9b4\u5c42\u30017\u5c42\u4ee3\u7406\uff0c\u5e76\u80fd\u652f\u6301\u4e0a\u4e07\u7ea7\u522b\u7684\u8fde\u63a5\uff0c\u5177\u6709\u9ad8\u6548\u3001\u7a33\u5b9a\u7b49\u7279\u70b9\u3002\r\n\r\nHAProxy 1.8\u7248\u672c\u81f32.x\u7248\u672c\uff082.1.4\u7248\u672c\u5df2\u4fee\u590d\uff09\u4e2d\u7684HPACK\u89e3\u7801\u5668\u7684hpack-tbl.c\u6587\u4ef6\u7684hpack_dht_insert\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684HTTP/2\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "HAProxy\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "HAProxy HAProxy \u003e=1.8\uff0c\u003c=2.1.4"
},
"serverity": "\u9ad8",
"submitTime": "2020-04-03",
"title": "HAProxy\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
FKIE_CVE-2020-11100
Vulnerability from fkie_nvd - Published: 2020-04-02 15:15 - Updated: 2024-11-21 04:56
Severity
Summary
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| haproxy | haproxy | * | |
| debian | debian_linux | 10.0 | |
| redhat | openshift_container_platform | 3.11 | |
| redhat | openshift_container_platform | 4.0 | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| opensuse | leap | 15.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2876323F-F324-48B3-BD7D-D559EA0E856E",
"versionEndExcluding": "2.1.4",
"versionStartIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution."
},
{
"lang": "es",
"value": "En la funci\u00f3n hpack_dht_insert en el archivo hpack-tbl.c en el decodificador HPACK en HAProxy versiones 1.8 hasta 2.x anteriores a 2.1.4, un atacante remoto puede escribir bytes arbitrarios alrededor de una determinada ubicaci\u00f3n en la pila (heap) por medio de una petici\u00f3n HTTP/2 dise\u00f1ada, causando posiblemente una ejecuci\u00f3n de c\u00f3digo remoto."
}
],
"id": "CVE-2020-11100",
"lastModified": "2024-11-21T04:56:47.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-02T15:15:17.483",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.haproxy.org"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"source": "cve@mitre.org",
"url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202012-22"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4321-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"source": "cve@mitre.org",
"url": "https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.haproxy.org"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202012-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4321-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-3XCV-57Q9-HRJ2
Vulnerability from github – Published: 2022-05-24 17:13 – Updated: 2022-10-07 00:00
VLAI
Details
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
Severity
8.8 (High)
{
"affected": [],
"aliases": [
"CVE-2020-11100"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-02T15:15:00Z",
"severity": "MODERATE"
},
"details": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.",
"id": "GHSA-3xcv-57q9-hrj2",
"modified": "2022-10-07T00:00:41Z",
"published": "2022-05-24T17:13:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11100"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"type": "WEB",
"url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202012-22"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4321-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"type": "WEB",
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"type": "WEB",
"url": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"type": "WEB",
"url": "http://www.haproxy.org"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2020-11100
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-11100",
"description": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.",
"id": "GSD-2020-11100",
"references": [
"https://www.suse.com/security/cve/CVE-2020-11100.html",
"https://www.debian.org/security/2020/dsa-4649",
"https://access.redhat.com/errata/RHSA-2020:1936",
"https://access.redhat.com/errata/RHSA-2020:1290",
"https://access.redhat.com/errata/RHSA-2020:1289",
"https://access.redhat.com/errata/RHSA-2020:1288",
"https://access.redhat.com/errata/RHSA-2020:1287",
"https://ubuntu.com/security/CVE-2020-11100",
"https://security.archlinux.org/CVE-2020-11100",
"https://linux.oracle.com/cve/CVE-2020-11100.html",
"https://packetstormsecurity.com/files/cve/CVE-2020-11100"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-11100"
],
"details": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.",
"id": "GSD-2020-11100",
"modified": "2023-12-13T01:22:05.438337Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.haproxy.org",
"refsource": "MISC",
"url": "http://www.haproxy.org"
},
{
"name": "https://www.haproxy.org/download/2.1/src/CHANGELOG",
"refsource": "CONFIRM",
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"name": "https://lists.debian.org/debian-security-announce/2020/msg00052.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"name": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html",
"refsource": "CONFIRM",
"url": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"name": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88",
"refsource": "CONFIRM",
"url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1168023",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"name": "openSUSE-SU-2020:0444",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"name": "FEDORA-2020-16cd111544",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/"
},
{
"name": "DSA-4649",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"name": "USN-4321-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4321-1/"
},
{
"name": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"name": "FEDORA-2020-13fd8b1721",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/"
},
{
"name": "GLSA-202012-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202012-22"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.4",
"versionStartIncluding": "1.8.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11100"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html",
"refsource": "CONFIRM",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.mail-archive.com/haproxy@formilux.org/msg36876.html"
},
{
"name": "https://lists.debian.org/debian-security-announce/2020/msg00052.html",
"refsource": "CONFIRM",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-security-announce/2020/msg00052.html"
},
{
"name": "http://www.haproxy.org",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "http://www.haproxy.org"
},
{
"name": "https://www.haproxy.org/download/2.1/src/CHANGELOG",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.haproxy.org/download/2.1/src/CHANGELOG"
},
{
"name": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.haproxy.org/?p=haproxy.git;a=commit;h=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819111"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1168023",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1168023"
},
{
"name": "openSUSE-SU-2020:0444",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00002.html"
},
{
"name": "FEDORA-2020-16cd111544",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNW5RZLIX7LOXRLV7WMHX22CI43XSXKW/"
},
{
"name": "DSA-4649",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4649"
},
{
"name": "USN-4321-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4321-1/"
},
{
"name": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html"
},
{
"name": "FEDORA-2020-13fd8b1721",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/264C7UL3X7L7QE74ZJ557IOUFS3J4QQC/"
},
{
"name": "GLSA-202012-22",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202012-22"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-10-06T20:51Z",
"publishedDate": "2020-04-02T15:15Z"
}
}
}
OPENSUSE-SU-2020:0444-1
Vulnerability from csaf_opensuse - Published: 2020-04-04 08:05 - Updated: 2020-04-04 08:05Summary
Security update for haproxy
Severity
Important
Notes
Title of the patch: Security update for haproxy
Description of the patch: This update for haproxy fixes the following issues:
- CVE-2020-11100: Fixed an H2/HPAC vulnerability ch might have allowed arbitrary
writes into a 32-bit relative address space (bsc#1168023).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames: openSUSE-2020-444
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for haproxy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for haproxy fixes the following issues:\n\n- CVE-2020-11100: Fixed an H2/HPAC vulnerability ch might have allowed arbitrary \n writes into a 32-bit relative address space (bsc#1168023).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-444",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0444-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0444-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GVCFDTUM5AKHJ2MTCGCUY2BZ7XCYA4AN/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0444-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GVCFDTUM5AKHJ2MTCGCUY2BZ7XCYA4AN/"
},
{
"category": "self",
"summary": "SUSE Bug 1168023",
"url": "https://bugzilla.suse.com/1168023"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-11100 page",
"url": "https://www.suse.com/security/cve/CVE-2020-11100/"
}
],
"title": "Security update for haproxy",
"tracking": {
"current_release_date": "2020-04-04T08:05:26Z",
"generator": {
"date": "2020-04-04T08:05:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0444-1",
"initial_release_date": "2020-04-04T08:05:26Z",
"revision_history": [
{
"date": "2020-04-04T08:05:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64",
"product": {
"name": "haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64",
"product_id": "haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64"
},
"product_reference": "haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-11100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-11100"
}
],
"notes": [
{
"category": "general",
"text": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-11100",
"url": "https://www.suse.com/security/cve/CVE-2020-11100"
},
{
"category": "external",
"summary": "SUSE Bug 1168023 for CVE-2020-11100",
"url": "https://bugzilla.suse.com/1168023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:haproxy-2.0.10+git0.ac198b92-lp151.2.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-04T08:05:26Z",
"details": "important"
}
],
"title": "CVE-2020-11100"
}
]
}
OPENSUSE-SU-2024:10839-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media
Severity
Moderate
Notes
Title of the patch: haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media
Description of the patch: These are all security issues fixed in the haproxy-2.4.4+git0.acb1d0bea-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10839
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.2 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
29 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the haproxy-2.4.4+git0.acb1d0bea-1.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10839",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10839-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11469 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14645 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20103 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20615 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-14241 page",
"url": "https://www.suse.com/security/cve/CVE-2019-14241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18277 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-11100 page",
"url": "https://www.suse.com/security/cve/CVE-2020-11100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-39240 page",
"url": "https://www.suse.com/security/cve/CVE-2021-39240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-40346 page",
"url": "https://www.suse.com/security/cve/CVE-2021-40346/"
}
],
"title": "haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10839-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"product": {
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"product_id": "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"product": {
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"product_id": "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"product": {
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"product_id": "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64",
"product": {
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64",
"product_id": "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64"
},
"product_reference": "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le"
},
"product_reference": "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x"
},
"product_reference": "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
},
"product_reference": "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11469"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11469",
"url": "https://www.suse.com/security/cve/CVE-2018-11469"
},
{
"category": "external",
"summary": "SUSE Bug 1094846 for CVE-2018-11469",
"url": "https://bugzilla.suse.com/1094846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-11469"
},
{
"cve": "CVE-2018-14645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14645"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14645",
"url": "https://www.suse.com/security/cve/CVE-2018-14645"
},
{
"category": "external",
"summary": "SUSE Bug 1108683 for CVE-2018-14645",
"url": "https://bugzilla.suse.com/1108683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14645"
},
{
"cve": "CVE-2018-20103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20103"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20103",
"url": "https://www.suse.com/security/cve/CVE-2018-20103"
},
{
"category": "external",
"summary": "SUSE Bug 1119419 for CVE-2018-20103",
"url": "https://bugzilla.suse.com/1119419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-20103"
},
{
"cve": "CVE-2018-20615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20615"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20615",
"url": "https://www.suse.com/security/cve/CVE-2018-20615"
},
{
"category": "external",
"summary": "SUSE Bug 1121283 for CVE-2018-20615",
"url": "https://bugzilla.suse.com/1121283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-20615"
},
{
"cve": "CVE-2019-14241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-14241"
}
],
"notes": [
{
"category": "general",
"text": "HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-14241",
"url": "https://www.suse.com/security/cve/CVE-2019-14241"
},
{
"category": "external",
"summary": "SUSE Bug 1142529 for CVE-2019-14241",
"url": "https://bugzilla.suse.com/1142529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-14241"
},
{
"cve": "CVE-2019-18277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18277"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the \"chunked\" value were not being correctly rejected. The impact was limited but if combined with the \"http-reuse always\" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18277",
"url": "https://www.suse.com/security/cve/CVE-2019-18277"
},
{
"category": "external",
"summary": "SUSE Bug 1154980 for CVE-2019-18277",
"url": "https://bugzilla.suse.com/1154980"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-18277"
},
{
"cve": "CVE-2020-11100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-11100"
}
],
"notes": [
{
"category": "general",
"text": "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-11100",
"url": "https://www.suse.com/security/cve/CVE-2020-11100"
},
{
"category": "external",
"summary": "SUSE Bug 1168023 for CVE-2020-11100",
"url": "https://bugzilla.suse.com/1168023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-11100"
},
{
"cve": "CVE-2021-39240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-39240"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-39240",
"url": "https://www.suse.com/security/cve/CVE-2021-39240"
},
{
"category": "external",
"summary": "SUSE Bug 1189549 for CVE-2021-39240",
"url": "https://bugzilla.suse.com/1189549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-39240"
},
{
"cve": "CVE-2021-40346",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-40346"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-40346",
"url": "https://www.suse.com/security/cve/CVE-2021-40346"
},
{
"category": "external",
"summary": "SUSE Bug 1189877 for CVE-2021-40346",
"url": "https://bugzilla.suse.com/1189877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x",
"openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-40346"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…