An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.
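The length re-check described above, as an added example in C; it is a sketch and not HAProxy's code. The function and macro names are hypothetical, and the flag values and the 5-byte priority layout follow RFC 7540 section 6.2.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define H2_FLAG_PADDED   0x08  /* RFC 7540 section 6.2 */
#define H2_FLAG_PRIORITY 0x20
#define H2_PRIORITY_LEN  5     /* E bit + 31-bit stream dependency + 8-bit weight */

/* What skipping without re-checking computes in this sketch: for a frame
 * shorter than 5 bytes the size_t subtraction wraps to a huge length. */
size_t unchecked_fragment_len(size_t flen, uint8_t flags)
{
    return (flags & H2_FLAG_PRIORITY) ? flen - H2_PRIORITY_LEN : flen;
}

/* Hardened form: locate the header block fragment inside a HEADERS payload
 * of declared length flen. Returns 0 on success, -1 if the optional fields
 * announced by the flags do not fit in the frame. */
int h2_headers_fragment(const uint8_t *payload, size_t flen, uint8_t flags,
                        const uint8_t **frag, size_t *frag_len)
{
    size_t off = 0, pad = 0;

    if (flags & H2_FLAG_PADDED) {
        if (flen < 1)
            return -1;
        pad = payload[off++];
    }
    if (flags & H2_FLAG_PRIORITY) {
        if (flen - off < H2_PRIORITY_LEN)   /* re-check before skipping */
            return -1;
        off += H2_PRIORITY_LEN;
    }
    if (pad > flen - off)                   /* padding must fit as well */
        return -1;
    *frag = payload + off;
    *frag_len = flen - off - pad;
    return 0;
}

int main(void)
{
    /* Constructed payloads: 5 priority bytes + 2 fragment bytes, and a 3-byte stub. */
    const uint8_t ok[] = { 0x00, 0x00, 0x00, 0x00, 0x10, 0x82, 0x84 };
    const uint8_t trunc[] = { 0x00, 0x00, 0x00 };
    const uint8_t *frag; size_t n;

    printf("ok: %d\n", h2_headers_fragment(ok, sizeof ok, H2_FLAG_PRIORITY, &frag, &n));
    printf("truncated: %d\n", h2_headers_fragment(trunc, sizeof trunc, H2_FLAG_PRIORITY, &frag, &n));
    return 0;
}
```
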
Software | From | Fixed in |
---|---|---|
haproxy / haproxy | 1.8.0 | 1.8.19.x |
haproxy / haproxy | 1.9.0-dev0 | 1.9.0-dev0.x |
haproxy / haproxy | 1.9.0-dev1 | 1.9.0-dev1.x |
haproxy / haproxy | 1.9.0-dev2 | 1.9.0-dev2.x |
haproxy / haproxy | 1.9.0-dev3 | 1.9.0-dev3.x |
haproxy / haproxy | 1.9.0-dev4 | 1.9.0-dev4.x |
haproxy / haproxy | 1.9.0-dev5 | 1.9.0-dev5.x |
haproxy / haproxy | 1.9.0-dev6 | 1.9.0-dev6.x |
haproxy / haproxy | 1.9.0-dev7 | 1.9.0-dev7.x |
haproxy / haproxy | 1.9.0-dev8 | 1.9.0-dev8.x |
haproxy / haproxy | 1.9.0-dev9 | 1.9.0-dev9.x |
haproxy / haproxy | 1.9.0-dev10 | 1.9.0-dev10.x |
haproxy / haproxy | 1.9.0-dev11 | 1.9.0-dev11.x |
haproxy / haproxy | 1.9.0 | 1.9.0.x |
opensuse / leap | 15.0 | 15.0.x |
canonical / ubuntu_linux | 16.04 | 16.04.x |
canonical / ubuntu_linux | 18.04 | 18.04.x |
canonical / ubuntu_linux | 18.10 | 18.10.x |
redhat / enterprise_linux | 7.4 | 7.4.x |
redhat / enterprise_linux | 7.0 | 7.0.x |
redhat / enterprise_linux | 7.5 | 7.5.x |
redhat / openshift_container_platform | 3.11 | 3.11.x |
redhat / enterprise_linux | 7.6 | 7.6.x |