GCVE - cpe:2.3:a:haproxy:haproxy:1.5:dev8:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:haproxy:haproxy:1.5:dev8:*:*:*:*:*:*

part: a version: 1.5 update: dev8

Vendor	Haproxy (`bcdccbbb-bab3-5a27-b98b-5345a425d85c`)
Product	Haproxy (`0acaea08-d114-576a-98cc-ac99b15c19b7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/haproxy`	purl2cpe	2026-06-01 10:18:18.505327
`pkg:deb/ubuntu/haproxy`	purl2cpe	2026-06-01 10:18:18.505328
`pkg:docker/haproxy/haproxy`	purl2cpe	2026-06-01 10:18:18.505330
`pkg:github/haproxy/haproxy`	purl2cpe	2026-06-01 10:18:18.505331
`pkg:haproxy/haproxy`	purl2cpe	2026-06-01 10:18:18.505332
`pkg:rpm/fedora/haproxy`	purl2cpe	2026-06-01 10:18:18.505334
`pkg:rpm/opensuse/haproxy`	purl2cpe	2026-06-01 10:18:18.505335

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2015-3281`	vulnerable	2026-06-08 05:06:37.892800	Details available The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information (uninitialized memory contents of previous requests) via a crafted request. Published: 2015-07-06T14:55:00.000Z Updated: 2024-08-06T05:39:32.116Z Open on db.gcve.eu Reference links http://rhn.redhat.com/errata/RHSA-2015-1741.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00023.html http://www.haproxy.org/news.html http://rhn.redhat.com/errata/RHSA-2015-2666.html http://www.ubuntu.com/usn/USN-2668-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2175`	vulnerable	2026-06-08 05:03:58.854923	Details available HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (negative array index usage and crash) via an HTTP header with a certain number of values, related to the MAX_HDR_HISTORY variable. Published: 2013-08-19T00:00:00.000Z Updated: 2024-08-06T15:27:41.078Z Open on db.gcve.eu Reference links http://rhn.redhat.com/errata/RHSA-2013-1204.html http://marc.info/?l=haproxy&m=137147915029705&w=2 http://secunia.com/advisories/54344 https://bugzilla.redhat.com/show_bug.cgi?id=974259 http://www.debian.org/security/2013/dsa-2711	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.