Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-20103 | 5.0 |
An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaus
|
02-06-2022 - 14:15 | 12-12-2018 - 17:29 | |
CVE-2018-20102 | 5.0 |
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-
|
02-06-2022 - 14:15 | 12-12-2018 - 17:29 | |
CVE-2018-11469 | 4.3 |
Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check
|
11-06-2019 - 14:29 | 25-05-2018 - 14:29 |