haproxy: HTTP/2 implementation vulnerable to intermediary encapsulation attacks (CVE-2019-19330)ID: oval:org.secpod.oval:def:1801678 | Date: (C)2020-01-25 (M)2023-11-10 |
Class: PATCH | Family: unix |
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return , line feed , and the zero character , aka Intermediary Encapsulation Attacks.changed the descriptionchanged the descriptionmade the issue visible to everyone
Platform: |
Alpine Linux 3.10 |
Alpine Linux 3.11 |
Alpine Linux 3.8 |
Alpine Linux 3.9 |