csaf_redhat - rhsa-2023

rhsa-2023_1978

Vulnerability from csaf_redhat

Published

2023-04-25 10:27

Modified

2024-09-16 11:07

Summary

Red Hat Security Advisory: haproxy security update

Notes

Topic

An update for haproxy is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fix(es): * haproxy: segfault DoS (CVE-2023-0056) * haproxy: request smuggling attack in HTTP/1 header parsing (CVE-2023-25725) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for haproxy is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.\n\nSecurity Fix(es):\n\n* haproxy: segfault DoS (CVE-2023-0056)\n\n* haproxy: request smuggling attack in HTTP/1 header parsing (CVE-2023-25725)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:1978",
        "url": "https://access.redhat.com/errata/RHSA-2023:1978"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2160808",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160808"
      },
      {
        "category": "external",
        "summary": "2169089",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169089"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_1978.json"
      }
    ],
    "title": "Red Hat Security Advisory: haproxy security update",
    "tracking": {
      "current_release_date": "2024-09-16T11:07:11+00:00",
      "generator": {
        "date": "2024-09-16T11:07:11+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2023:1978",
      "initial_release_date": "2023-04-25T10:27:06+00:00",
      "revision_history": [
        {
          "date": "2023-04-25T10:27:06+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-04-25T10:27:06+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-16T11:07:11+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
                  "product_id": "AppStream-9.0.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "haproxy-0:2.4.7-2.el9_0.2.src",
                "product": {
                  "name": "haproxy-0:2.4.7-2.el9_0.2.src",
                  "product_id": "haproxy-0:2.4.7-2.el9_0.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy@2.4.7-2.el9_0.2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "haproxy-0:2.4.7-2.el9_0.2.aarch64",
                "product": {
                  "name": "haproxy-0:2.4.7-2.el9_0.2.aarch64",
                  "product_id": "haproxy-0:2.4.7-2.el9_0.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy@2.4.7-2.el9_0.2?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
                "product": {
                  "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
                  "product_id": "haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy-debugsource@2.4.7-2.el9_0.2?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
                "product": {
                  "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
                  "product_id": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy-debuginfo@2.4.7-2.el9_0.2?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "haproxy-0:2.4.7-2.el9_0.2.ppc64le",
                "product": {
                  "name": "haproxy-0:2.4.7-2.el9_0.2.ppc64le",
                  "product_id": "haproxy-0:2.4.7-2.el9_0.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy@2.4.7-2.el9_0.2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
                "product": {
                  "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
                  "product_id": "haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy-debugsource@2.4.7-2.el9_0.2?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
                "product": {
                  "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
                  "product_id": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy-debuginfo@2.4.7-2.el9_0.2?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "haproxy-0:2.4.7-2.el9_0.2.x86_64",
                "product": {
                  "name": "haproxy-0:2.4.7-2.el9_0.2.x86_64",
                  "product_id": "haproxy-0:2.4.7-2.el9_0.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy@2.4.7-2.el9_0.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64",
                "product": {
                  "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64",
                  "product_id": "haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy-debugsource@2.4.7-2.el9_0.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
                "product": {
                  "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
                  "product_id": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy-debuginfo@2.4.7-2.el9_0.2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "haproxy-0:2.4.7-2.el9_0.2.s390x",
                "product": {
                  "name": "haproxy-0:2.4.7-2.el9_0.2.s390x",
                  "product_id": "haproxy-0:2.4.7-2.el9_0.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy@2.4.7-2.el9_0.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
                "product": {
                  "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
                  "product_id": "haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy-debugsource@2.4.7-2.el9_0.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
                "product": {
                  "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
                  "product_id": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/haproxy-debuginfo@2.4.7-2.el9_0.2?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-0:2.4.7-2.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.aarch64"
        },
        "product_reference": "haproxy-0:2.4.7-2.el9_0.2.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-0:2.4.7-2.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.ppc64le"
        },
        "product_reference": "haproxy-0:2.4.7-2.el9_0.2.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-0:2.4.7-2.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.s390x"
        },
        "product_reference": "haproxy-0:2.4.7-2.el9_0.2.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-0:2.4.7-2.el9_0.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.src"
        },
        "product_reference": "haproxy-0:2.4.7-2.el9_0.2.src",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-0:2.4.7-2.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.x86_64"
        },
        "product_reference": "haproxy-0:2.4.7-2.el9_0.2.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64"
        },
        "product_reference": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le"
        },
        "product_reference": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x"
        },
        "product_reference": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64"
        },
        "product_reference": "haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64"
        },
        "product_reference": "haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le"
        },
        "product_reference": "haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x"
        },
        "product_reference": "haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64"
        },
        "product_reference": "haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-0056",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-01-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2160808"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "haproxy: segfault DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.s390x",
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.src",
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
          "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
          "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-0056"
        },
        {
          "category": "external",
          "summary": "RHBZ#2160808",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160808"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0056",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-0056"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0056",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0056"
        },
        {
          "category": "external",
          "summary": "https://github.com/haproxy/haproxy/issues/1972",
          "url": "https://github.com/haproxy/haproxy/issues/1972"
        }
      ],
      "release_date": "2022-12-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.src",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1978"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.src",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "haproxy: segfault DoS"
    },
    {
      "cve": "CVE-2023-25725",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2023-02-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2169089"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in HAProxy\u0027s headers processing that causes HAProxy to drop important headers fields such as Connection, Content-length, Transfer-Encoding, and Host after having partially processed them. A maliciously crafted HTTP request could be used in an HTTP request smuggling attack to bypass filtering and detection by HAProxy.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "haproxy: request smuggling attack in HTTP/1 header parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat OpenStack Platform doesn\u0027t ship any haproxy code of its own and instead the openstack-haproxy-container consumes the `haproxy` RPM provided by RHEL.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.s390x",
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.src",
          "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
          "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
          "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-25725"
        },
        {
          "category": "external",
          "summary": "RHBZ#2169089",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169089"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25725",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-25725"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25725",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25725"
        },
        {
          "category": "external",
          "summary": "https://www.haproxy.com/blog/february-2023-header-parser-fixed/",
          "url": "https://www.haproxy.com/blog/february-2023-header-parser-fixed/"
        },
        {
          "category": "external",
          "summary": "https://www.mail-archive.com/haproxy@formilux.org/msg43229.html",
          "url": "https://www.mail-archive.com/haproxy@formilux.org/msg43229.html"
        }
      ],
      "release_date": "2023-02-14T16:20:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.src",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1978"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.src",
            "AppStream-9.0.0.Z.EUS:haproxy-0:2.4.7-2.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-debuginfo-0:2.4.7-2.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.s390x",
            "AppStream-9.0.0.Z.EUS:haproxy-debugsource-0:2.4.7-2.el9_0.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "haproxy: request smuggling attack in HTTP/1 header parsing"
    }
  ]
}

cve-2023-25725

Vulnerability from cvelistv5

Published

2023-02-14 00:00

Modified

2024-08-02 11:32

Severity

Summary

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31.

References

URL	Tags
https://www.haproxy.org/
https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112
https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html	mailing-list
https://www.debian.org/security/2023/dsa-5348	vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/	vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/	vendor-advisory

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:32:11.848Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.haproxy.org/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112"
          },
          {
            "name": "[debian-lts-announce] 20230214 [SECURITY] [DLA 3318-1] haproxy security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html"
          },
          {
            "name": "DSA-5348",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5348"
          },
          {
            "name": "FEDORA-2023-7e04833463",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/"
          },
          {
            "name": "FEDORA-2023-3e8a21cd5b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka \"request smuggling.\" The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-25T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.haproxy.org/"
        },
        {
          "url": "https://git.haproxy.org/?p=haproxy-2.7.git%3Ba=commit%3Bh=a0e561ad7f29ed50c473f5a9da664267b60d1112"
        },
        {
          "name": "[debian-lts-announce] 20230214 [SECURITY] [DLA 3318-1] haproxy security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00012.html"
        },
        {
          "name": "DSA-5348",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5348"
        },
        {
          "name": "FEDORA-2023-7e04833463",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPTJQHKUEU2PQ7RWFUYAFLAD4STEIKHU/"
        },
        {
          "name": "FEDORA-2023-3e8a21cd5b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JM5NCIBTHYDTLPY2UNC4HO2VAHHE6CJG/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-25725",
    "datePublished": "2023-02-14T00:00:00",
    "dateReserved": "2023-02-13T00:00:00",
    "dateUpdated": "2024-08-02T11:32:11.848Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-0056

Vulnerability from cvelistv5

Published

2023-03-23 00:00

Modified

2024-08-02 04:54

Severity

Summary

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.

References

URL	Tags
https://access.redhat.com/security/cve/CVE-2023-0056

Impacted products

Vendor	Product
n/a	haproxy

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:54:32.577Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-0056"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "haproxy",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "unknown"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-23T00:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://access.redhat.com/security/cve/CVE-2023-0056"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-0056",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2023-01-04T00:00:00",
    "dateUpdated": "2024-08-02T04:54:32.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

rhsa-2023_1978

Vulnerability from csaf_redhat

cve-2023-25725

Vulnerability from cvelistv5

cve-2023-0056

Vulnerability from cvelistv5

Tags