Updated: 2024-11-30 02:37:25.309721
Description:
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | MEDIUM | 5 |
CVSS Version 3.x | HIGH | 7.5 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
CentOS 8.4 ELS | haproxy | 1.8.27-2 | 7.5 | HIGH | Not Vulnerable | 2022-04-22 16:06:31 | ||
CentOS 8.5 ELS | haproxy | 1.8.27-2 | 7.5 | HIGH | Not Vulnerable | 2022-04-22 16:06:31 |