Vulnerabilities > Haproxy > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-23 | CVE-2023-0056 | Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. | 6.5 |
2021-08-17 | CVE-2021-39241 | An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. | 5.3 |
2019-05-09 | CVE-2019-11323 | Use of Uninitialized Resource vulnerability in Haproxy HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. | 5.9 |
2018-05-25 | CVE-2018-11469 | Information Exposure vulnerability in multiple products Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function. | 5.9 |
2017-08-22 | CVE-2016-2102 | Improper Authentication vulnerability in Haproxy HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network. | 5.3 |