AVG-2304 log

Package haproxy
Status Fixed
Severity Medium
Type insufficient validation
Affected 2.4.2-1
Fixed 2.4.3-1
Current 3.0.6-1 [extra]
Ticket None
Created Mon Aug 23 10:56:43 2021
Issue Severity Remote Type Description
CVE-2021-39242 Medium Yes Insufficient validation
An issue was discovered in HAProxy before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host...
CVE-2021-39241 Medium Yes Insufficient validation
An issue was discovered in HAProxy before 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource. It is possible that a...
CVE-2021-39240 Medium Yes Insufficient validation
An issue was discovered in HAProxy before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example,...