Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting instead of being checked against the bufsize. The max_frame_size only applies to outgoing traffic and not to incoming, so if a large enough frame size is advertised in the SETTINGS frame, a wrapped frame will be defragmented into a temporary allocated buffer where the second fragment may overflow the heap by up to 16 kB. It is very unlikely that this can be exploited for code execution given that buffers are very short lived and their addresses not realistically predictable in production, but the likelihood of an immediate crash is absolutely certain.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HAProxy 安全漏洞
Vulnerability Description
HAProxy是法国HAProxy公司的一款开源的TCP/HTTP负载均衡服务器。该服务器提供4层、7层代理,并能支持上万级别的连接,具有高效、稳定等特点。 HAProxy 1.8.8之前版本中安全漏洞,该漏洞源于程序根据max_frame_size的设置而非缓冲区的大小来检测传入的H2框架。攻击者可利用该漏洞造成拒绝服务(崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A