vulnerability
Amazon Linux AMI 2: CVE-2021-39242: Security patch for haproxy2 (ALASHAPROXY2-2023-005)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Aug 17, 2021 | Sep 28, 2023 | Nov 26, 2024 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Aug 17, 2021
Added
Sep 28, 2023
Modified
Nov 26, 2024
Description
An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host header, because a mismatch between Host and authority is mishandled.
Solution(s)
amazon-linux-ami-2-upgrade-haproxy2amazon-linux-ami-2-upgrade-haproxy2-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.