Endpoint Vulnerability

CVE-2020-11100haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes

Description

A flaw was found in the way HAProxy processed certain HTTP/2 request packets. This flaw allows an attacker to send crafted HTTP/2 request packets, which cause memory corruption, leading to a crash or potential remote arbitrary code execution with the permissions of the user running HAProxy.

Affected Products

haproxy

References

CVE-2020-11100,