0.003 Low
EPSS
Percentile
65.7%
haproxy is vulnerable to denial of service. An out-of-bounds read in the hpack_valid_idx() function in HPACK decoder used for HTTP/2 allows a remote attacker to crash the service.
hpack_valid_idx()
HTTP/2
access.redhat.com/errata/RHSA-2018:2882
access.redhat.com/security/updates/classification/#important