Vulnerability CVE-2019-18277

Vulnerability Name:

CVE-2019-18277 (CCN-169992)

Assigned:

2019-09-12

Published:

2019-09-12

Updated:

2022-06-02

Summary:

A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

6.5 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L)
5.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-444

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2019-18277

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:2626

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:2645

Source: XF
Type: UNKNOWN
haproxy-cve201918277-weak-security(169992)

Source: CCN
Type: HAProxy GIT Repository
BUG/MEDIUM: http: also reject messages where "chunked" is missing from transfer-enoding

Source: MISC
Type: Patch, Vendor Advisory
https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update

Source: MISC
Type: Exploit, Third Party Advisory
https://nathandavison.com/blog/haproxy-http-request-smuggling

Source: UBUNTU
Type: UNKNOWN
USN-4174-1

Source: CCN
Type: IBM Security Bulletin 6380900 (Aspera High-Speed Transfer Server)
HAProxy vulnerability CVE-2019-18277 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Source: MISC
Type: Release Notes
https://www.mail-archive.com/haproxy@formilux.org/msg34926.html

Vulnerable Configuration:

Configuration 1:

cpe:/a:haproxy:haproxy:*:*:*:*:*:*:*:* (Version < 2.0.6)

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:haproxy:haproxy:2.0.5:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201918277	V	CVE-2019-18277	2022-09-02
oval:org.opensuse.security:def:4299	P	Security update for resource-agents (Moderate)	2022-07-08
oval:org.opensuse.security:def:112392	P	haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:58069	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:69569	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:60430	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:4287	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:4164	P	Security update for fetchmail (Moderate)	2021-10-20
oval:org.opensuse.security:def:105902	P	haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:4156	P	Security update for gd (Moderate)	2021-09-27
oval:org.opensuse.security:def:57510	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:4219	P	Security update for ffmpeg (Important)	2021-09-23
oval:org.opensuse.security:def:61604	P	logrotate-3.13.0-4.3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61689	P	zypper-1.14.27-1.11 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63229	P	ovmf-2017+git1510945757.b2662641d5-5.22.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61605	P	mailx-12.5-1.87 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61628	P	postgresql-10-6.8 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:57995	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:5096	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:4214	P	Security update for openexr (Important)	2021-08-20
oval:org.opensuse.security:def:60334	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:14010	P	powerpc-utils-1.3.2-17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13954	P	libsndfile1-1.0.25-25.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14028	P	rsyslog-8.4.0-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13988	P	ntp-4.2.8p8-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14006	P	perl-Tk-804.031-3.76 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13976	P	libxcb-dri2-0-1.10-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:63351	P	libtcmu2-1.5.2-3.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63493	P	libsndfile1-32bit-1.0.28-5.5.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63421	P	ffmpeg-3.4.2-9.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63338	P	libecpg6-13.2-5.6.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63367	P	python3-virt-bootstrap-1.0.0-5.3.124 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63443	P	libxslt1-32bit-1.1.32-3.8.24 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:62070	P	enscript-1.6.6-1.17 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62264	P	mutt-1.10.1-3.20.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62158	P	libidn2-0-2.2.0-3.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62748	P	gdk-pixbuf-query-loaders-32bit-2.40.0-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62354	P	xen-libs-4.14.1_16-1.6 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63027	P	ocaml-4.05.0-13.5 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63021	P	libpcp-devel-4.3.1-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:57065	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:4278	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:4436	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:4201	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:74356	P	Security update for wireshark (Important)	2021-06-22
oval:org.opensuse.security:def:4428	P	Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP5) (Important)	2021-06-18
oval:org.opensuse.security:def:4432	P	Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)	2021-06-18
oval:org.opensuse.security:def:5058	P	Security update for the Linux Kernel (Important)	2021-06-09
oval:org.opensuse.security:def:13350	P	libapr-util1-1.5.3-1.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13345	P	libXtst6-1.2.2-3.59 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13251	P	MozillaFirefox-28.0-3.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13355	P	libdmx1-1.1.3-3.51 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13368	P	libjavascriptcoregtk-3_0-0-2.2.7-3.26 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13259	P	apache-commons-httpclient-3.1-4.364 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13284	P	dbus-1-1.8.8-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13294	P	expat-2.1.0-13.202 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:63527	P	PackageKit-gstreamer-plugin-1.1.10-2.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13303	P	gdk-pixbuf-loader-rsvg-2.40.2-1.10 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13276	P	cpp48-4.8.3+r212056-6.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13316	P	gvim-7.4.326-2.14 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13301	P	gd-2.1.0-3.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13328	P	krb5-1.12.1-6.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13337	P	libXfixes3-32bit-5.0.1-3.53 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:4421	P	Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP5) (Important)	2021-05-25
oval:org.opensuse.security:def:4193	P	Security update for libass (Moderate)	2021-05-20
oval:org.opensuse.security:def:5036	P	Security update for lz4 (Important)	2021-05-14
oval:org.opensuse.security:def:4396	P	Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP5) (Important)	2021-04-28
oval:org.opensuse.security:def:4398	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2021-04-28
oval:org.opensuse.security:def:57903	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:4384	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2021-04-07
oval:org.opensuse.security:def:4391	P	Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP5) (Important)	2021-04-07
oval:org.opensuse.security:def:58107	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:59864	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:60471	P	Security update for openssl-1_0_0 (Moderate)	2021-03-08
oval:org.opensuse.security:def:4177	P	Security update for python-bottle (Important)	2021-02-16
oval:org.opensuse.security:def:5074	P	Security update for sudo (Important)	2021-01-26
oval:org.opensuse.security:def:59734	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:69464	P	Security update for tcmu-runner (Important)	2021-01-18
oval:org.opensuse.security:def:4394	P	Security update for the Linux Kernel (Important)	2021-01-15
oval:org.opensuse.security:def:61690	P	Mesa-19.3.4-45.23 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63255	P	apache2-mod_wsgi-python3-4.5.18-2.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63388	P	apache-commons-daemon-1.0.15-2.51 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13103	P	libxslt-tools-1.1.28-17.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13151	P	python-PyYAML-3.12-26.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13026	P	libmusicbrainz4-2.1.5-27.79 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61713	P	ceph-common-15.2.2.18+g1dbcddb5d8-1.10 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13050	P	libpoppler-glib8-0.43.0-16.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13150	P	python-2.7.13-28.31.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13226	P	yast2-users-3.2.19-1.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61884	P	libsoup-2_4-1-2.68.3-2.32 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62394	P	audiofile-devel-0.3.6-1.26 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63390	P	jakarta-commons-fileupload-1.1.1-2.82 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13072	P	libsqlite3-0-3.8.10.2-9.12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13165	P	res-signingkeys-3.0.42-52.38.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62571	P	libopenjpeg1-1.5.2-2.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62604	P	spice-vdagent-0.17.0-2.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13120	P	ntp-4.2.8p13-85.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13184	P	strongswan-5.1.3-26.5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13042	P	libpcap1-1.8.1-10.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62923	P	perl-doc-5.26.1-7.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13167	P	rpm-32bit-4.11.2-16.21.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62486	P	perl-Tk-804.034-1.44 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63053	P	libmunge2-0.5.14-4.9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62547	P	libcairo2-32bit-1.15.10-4.5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13182	P	squid-4.8-2.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13002	P	libipa_hbac0-1.16.1-4.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62700	P	libsrtp-devel-1.6.0-2.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62548	P	libcdio++0-0.94-6.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13201	P	ucode-intel-20191112-1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13024	P	libmpfr4-3.1.2-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63155	P	krb5-plugin-kdb-ldap-1.15.2-4.25 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13070	P	libspice-client-glib-2_0-8-0.33-3.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63593	P	libreoffice-6.1.3.2-6.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63152	P	grub2-x86_64-xen-2.02-17.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12994	P	libgssglue1-0.4-3.76 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63249	P	apache2-devel-2.4.43-1.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13034	P	libopenssl-1_0_0-devel-1.0.2p-3.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13117	P	mozilla-nspr-32bit-4.21-19.9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61797	P	libXrandr-devel-1.5.1-2.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63287	P	memcached-1.5.6-4.5.30 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13056	P	libpython3_6m1_0-3.6.8-2.13 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13132	P	pam_u2f-1.0.8-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4359	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4315	P	Security update for the Linux Kernel (Live Patch 6 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4376	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:59438	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:4250	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:4262	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4256	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4339	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:60171	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:64160	P	Security update for bcm43xx-firmware (Moderate)	2020-12-01
oval:org.opensuse.security:def:60928	P	Security update for haproxy (Important)	2020-12-01
oval:org.opensuse.security:def:56827	P	Security update for sssd (Moderate)	2020-12-01
oval:org.opensuse.security:def:60849	P	Security update for OpenStack (Moderate)	2020-12-01
oval:org.opensuse.security:def:59008	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:58188	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:56664	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:60589	P	Security update for cobbler (Important)	2020-12-01
oval:org.opensuse.security:def:66233	P	Security update for haproxy (Important)	2020-12-01
oval:org.opensuse.security:def:74482	P	Security update for haproxy (Important)	2020-12-01
oval:org.opensuse.security:def:59030	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:57238	P	Security update for OpenSSL	2020-12-01
oval:org.opensuse.security:def:60512	P	policycoreutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64262	P	glib2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59186	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:57344	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:60550	P	syslog-service on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64304	P	libXi-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59248	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:60686	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:60639	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:59007	P	Security update for libssh2_org (Important)	2020-12-01
oval:org.opensuse.security:def:64416	P	mailx on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:58212	P	Security update for haproxy (Important)	2020-12-01
oval:org.opensuse.security:def:72922	P	Security update for haproxy (Important)	2020-12-01
oval:org.opensuse.security:def:59270	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:59619	P	Security update for git (Moderate)	2020-12-01
oval:org.opensuse.security:def:57795	P	libgc1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60770	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:66141	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:59428	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:60808	P	Security update for gcc9 (Moderate)	2020-12-01
oval:org.opensuse.security:def:59681	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:59919	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:60899	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:59247	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:60667	P	Security update for haproxy (Important)	2020-12-01
oval:org.opensuse.security:def:60218	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:58138	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:63920	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:72804	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:56665	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:59982	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:64054	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:56687	P	Security update for xen (Important)	2020-12-01
oval:com.redhat.rhsa:def:20201725	P	RHSA-2020:1725: haproxy security, bug fix, and enhancement update (Moderate)	2020-04-28
oval:org.opensuse.security:def:87994	P	Security update for haproxy (Important)	2019-12-12
oval:org.opensuse.security:def:80847	P	Security update for haproxy (Important)	2019-12-12
oval:org.opensuse.security:def:88298	P	Security update for haproxy (Important)	2019-12-12
oval:org.opensuse.security:def:83933	P	Security update for haproxy (Important)	2019-12-12
oval:org.opensuse.security:def:84381	P	Security update for haproxy (Important)	2019-12-12
oval:org.opensuse.security:def:125075	P	Security update for haproxy (Important)	2019-12-12
oval:org.opensuse.security:def:110106	P	Security update for haproxy (Important)	2019-12-04
oval:org.opensuse.security:def:91839	P	Security update for haproxy (Important)	2019-11-29
oval:org.opensuse.security:def:98789	P	Security update for haproxy (Important)	2019-11-29
oval:com.ubuntu.disco:def:2019182770000000	V	CVE-2019-18277 on Ubuntu 19.04 (disco) - medium.	2019-10-23
oval:com.ubuntu.bionic:def:2019182770000000	V	CVE-2019-18277 on Ubuntu 18.04 LTS (bionic) - medium.	2019-10-23
oval:com.ubuntu.xenial:def:2019182770000000	V	CVE-2019-18277 on Ubuntu 16.04 LTS (xenial) - medium.	2019-10-23

BACK