Vulnerabilities > Haproxy > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-23 | CVE-2019-18277 | HTTP Request Smuggling vulnerability in Haproxy A flaw was found in HAProxy before 2.0.6. | 7.5 |
| 2019-03-21 | CVE-2018-20615 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. | 7.5 |
| 2018-12-12 | CVE-2018-20103 | Infinite Loop vulnerability in multiple products An issue was discovered in dns.c in HAProxy through 1.8.14. | 7.5 |
| 2018-12-12 | CVE-2018-20102 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. | 7.5 |
| 2018-09-21 | CVE-2018-14645 | Out-of-bounds Read vulnerability in multiple products A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. | 7.5 |
| 2018-05-09 | CVE-2018-10184 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in HAProxy before 1.8.8. | 7.5 |
| 2016-06-30 | CVE-2016-5360 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors. | 7.5 |