Bitnami/haproxy — 17 CVEs · VulnScope

pkg:Bitnami/haproxy

17 total CVEsCRITICAL1HIGH11MEDIUM5

✅ Check your installed version

All known vulnerabilities

CRITICAL9.1CVE-2023-25725haproxy - security update
from 0, < 2.0.31, >= 2.1.0, < 2.2.29, >= 2.3.0, < 2.4.22, >= 2.5.0, < 2.5.12, >= 2.6.0, < 2.6.9, >= 2.7.0, < 2.7.3
HIGH8.8CVE-2020-11100haproxy - security update
>= 1.8.0, < 2.1.4
HIGH8.2CVE-2023-45539haproxy - security update
from 0, < 2.8.2
HIGH7.5haproxy - security update
>= 2.4.0, < 2.4.30, >= 2.6.0, < 2.6.23, >= 2.8.0, < 2.8.16, >= 3.0.0, < 3.0.12, >= 3.1.0, < 3.1.9, >= 3.2.0, < 3.2.6
HIGH7.5HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwardi…
>= 2.9.0, < 2.9.10, >= 3.0.0, < 3.0.4
HIGH7.5haproxy - security update
>= 2.1.0, < 2.1.1, >= 2.2.0, < 2.2.27, >= 2.3.0, < 2.3.1, >= 2.4.0, < 2.4.22, >= 2.5.0, < 2.5.12, >= 2.6.0, < 2.6.9, >= 2.7.0, < 2.7.1
HIGH7.5haproxy - security update
>= 2.2.0, < 2.2.21, >= 2.3.0, < 2.3.18, >= 2.4.0, < 2.4.13
HIGH7.5haproxy - security update
>= 2.0.0, < 2.0.25, >= 2.2.0, < 2.2.17, >= 2.3.0, < 2.3.14, >= 2.4.0, < 2.4.4
HIGH7.5An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
>= 2.2.0, < 2.2.16, >= 2.3.0, < 2.3.13, >= 2.4.0, < 2.4.3
HIGH7.5haproxy - security update
>= 2.2.0, < 2.2.16, >= 2.3.0, < 2.3.13, >= 2.4.0, < 2.4.3
HIGH7.3HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate u…
>= 2.6.1, < 2.6.8, >= 2.7.0, < 2.7.1
HIGH7.2haproxy - security update
from 0, < 2.0.33, >= 2.2.0, < 2.2.31, >= 2.4.0, < 2.4.24, >= 2.5.0, < 2.6.15, >= 2.7.0, < 2.7.10, >= 2.8.0, < 2.8.2
MEDIUM6.8haproxy - security update
>= 2.2.0, < 2.9.6, >= 3.0.0, < 3.1.7
MEDIUM6.5haproxy - security update
MEDIUM5.3Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy.
>= 2.6.0, < 2.9.10, >= 3.0.0, < 3.0.3
MEDIUM5.3QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address.
from 0, < 2.9.11, >= 3.0.0, < 3.0.5
MEDIUM5.3An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
>= 2.0.0, < 2.0.24, >= 2.2.0, < 2.2.16, >= 2.3.0, < 2.3.13, >= 2.4.0, < 2.4.3