|Max CVSS||7.5||Min CVSS||4.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it cou
|02-06-2022 - 14:15||23-10-2019 - 14:15|
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.
|01-04-2020 - 21:15||27-11-2019 - 16:15|