Oval Definition:	oval:org.opensuse.security:def:202139241
Revision Date: 2022-09-02 Version: 1 Title: CVE-2021-39241 Description: An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP method name may contain a space followed by the name of a protected resource. It is possible that a server would interpret this as a request for that protected resource, such as in the "GET /admin? HTTP/1.1 /static/images HTTP/1.1" example. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2021-39241 SUSE CVE-2021-39241 Platform(s): SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis SUSE OpenStack Cloud 7 is installed AND haproxy is not affected Definition Synopsis Release Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND haproxy is not affected Definition Synopsis Release Information SUSE OpenStack Cloud 8 is installed OR SUSE OpenStack Cloud Crowbar 8 is installed AND haproxy is not affected Definition Synopsis Release Information SUSE OpenStack Cloud 9 is installed OR SUSE OpenStack Cloud Crowbar 9 is installed AND haproxy is not affected Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND haproxy is not affected Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND haproxy is not affected
BACK