CVE-2018-14645
A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.
| Software | From | Fixed in |
|---|---|---|
| haproxy / haproxy | - | 1.8.14.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| redhat / enterprise_linux | 7.4 | 7.4.x |
| redhat / enterprise_linux | 7.0 | 7.0.x |
| redhat / enterprise_linux | 7.3 | 7.3.x |
| redhat / enterprise_linux | 7.5 | 7.5.x |
| redhat / openshift_container_platform | 3.9 | 3.9.x |
| redhat / enterprise_linux | 7.6 | 7.6.x |
| redhat / openshift | 3.10 | 3.10.x |
- https://access.redhat.com/errata/RHBA-2019:0028
- https://access.redhat.com/errata/RHSA-2018:2882
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14645
- https://usn.ubuntu.com/3780-1/
- https://www.mail-archive.com/haproxy@formilux.org/msg31253.html
- https://www.mail-archive.com/haproxy%40formilux.org/msg31253.html
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime