In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
2020-04-02T15:15:17.483
2024-11-21T04:56:47.257
Modified
CVSSv3.1: 8.8 (HIGH)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | haproxy | haproxy | < 2.1.4 | Yes |
Operating System | debian | debian_linux | 10.0 | Yes |
Application | redhat | openshift_container_platform | 3.11 | Yes |
Application | redhat | openshift_container_platform | 4.0 | Yes |
Operating System | fedoraproject | fedora | 30 | Yes |
Operating System | fedoraproject | fedora | 31 | Yes |
Operating System | canonical | ubuntu_linux | 18.04 | Yes |
Operating System | canonical | ubuntu_linux | 19.10 | Yes |
Operating System | opensuse | leap | 15.1 | Yes |