HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024.
References
Configurations
Configuration 1 (hide)
|
History
14 Oct 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024. |
05 Sep 2024, 14:39
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=c725db17e8416ffb3c1537aea756356228ce5e3c - Broken Link | |
References | () http://git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=d636e515453320c6e122c313c661a8ac7d387c7f - Broken Link | |
References | () https://www.haproxy.org/ - Product | |
References | () https://www.haproxy.org/download/3.1/src/CHANGELOG - Release Notes | |
References | () https://www.mail-archive.com/haproxy%40formilux.org/msg45280.html - Release Notes | |
References | () https://www.mail-archive.com/haproxy%40formilux.org/msg45281.html - Release Notes | |
CWE | NVD-CWE-noinfo | |
Summary |
|
|
CPE | cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:* cpe:2.3:a:haproxy:haproxy:3.1:dev1:*:*:*:*:*:* cpe:2.3:a:haproxy:haproxy:3.1:dev4:*:*:*:*:*:* cpe:2.3:a:haproxy:haproxy:3.1:dev2:*:*:*:*:*:* cpe:2.3:a:haproxy:haproxy:3.1:dev0:*:*:*:*:*:* cpe:2.3:a:haproxy:haproxy:3.1:dev3:*:*:*:*:*:* cpe:2.3:a:haproxy:haproxy:3.1:dev5:*:*:*:*:*:* |
|
First Time |
Haproxy
Haproxy haproxy |
04 Sep 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
04 Sep 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-04 15:15
Updated : 2024-10-14 03:15
NVD link : CVE-2024-45506
Mitre link : CVE-2024-45506
CVE.ORG link : CVE-2024-45506
JSON object : View
Products Affected
haproxy
- haproxy
CWE