Gentoo Linux Security Advisory 202012-22 - A buffer overflow in HAProxy might allow an attacker to execute arbitrary code. Versions less than 2.1.4 are affected.
deb543fefe04671e624c9a3a397ff0e90ad643398dd6eafbd995bb2736cc5a14
Red Hat Security Advisory 2020-1936-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include HTTP request smuggling and out of bounds write vulnerabilities.
fec2b23d766320c1d0b7efd5dd4b407e4b9b62bf6a60ee9745bb96b892b789c1
Debian Linux Security Advisory 4649-1 - Felix Wilhelm of Google Project Zero discovered that HAProxy, a TCP/HTTP reverse proxy, did not properly handle HTTP/2 headers. This would allow an attacker to write arbitrary bytes around a certain location on the heap, resulting in denial-of-service or potential arbitrary code execution.
80baf89b62669c231d6573be3cd65d0c449865262825b3da687c69972b88fa1f
The haproxy hpack implementation in hpack-tbl.c handles 0-length HTTP headers incorrectly. This can lead to a fully controlled relative out-of-bounds write when processing a malicious HTTP2 request (or response).
6313a8193a04a7546984327f36401b3e595cd897bef3968ddef00a3d7d80f2c5
Red Hat Security Advisory 2020-1287-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an out of bounds write vulnerability.
be3a633bb19d0706ccdf2545521604cb2211df4bfc058b853a01a677628a2b4e
Ubuntu Security Notice 4321-1 - Felix Wilhelm discovered that HAProxy incorrectly handled certain HTTP/2 requests. An attacker could possibly use this to execute arbitrary code.
04bd7b9ca73f4b44ae8593cedd0d89f713e03204ec70e2369076561a95f7bd14
Red Hat Security Advisory 2020-1288-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.
89719e6b81441f976dd3381193a1c7ab82863d5a4068e38baa0bcc2c20bca64d
Red Hat Security Advisory 2020-1290-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include an out of bounds write vulnerability.
8543e7b94677e15978de5119c6ea1bc027dd4b9630ee58bbf3947abb1242a170
Red Hat Security Advisory 2020-1289-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include an out of bounds write vulnerability.
43f7dbed2caec40c2917358ab5796636cad13980c6528820ebaf5c8d42ea78dc