CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
71.4%
Medium
HAProxy
It was discovered that HAProxy incorrectly handled certain buffers. A remote attacker could possibly use this issue to obtain sensitive information belonging to previous requests.
_Severity is medium unless otherwise noted.
_
Users of affected versions should apply the following mitigation:
2015-07-10: Notice initially published
2017-04-04: Notice updated with instructions to update cf-release and routing-release