CVE-2023-0056
published 2023-03-23CVE-2023-0056: An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | haproxy | < haproxy 2.6.8-1 (bookworm) | haproxy 2.6.8-1 (bookworm) |
| fedoraproject | extra_packages_for_enterprise_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| haproxy | haproxy | >= 0 < 2.2.9-2+deb11u4 | 2.2.9-2+deb11u4 |
| haproxy | haproxy | >= 0 < 2.6.8-1 | 2.6.8-1 |
| haproxy | haproxy | >= 0 < 2.6.8-1 | 2.6.8-1 |
| haproxy | haproxy | >= 0 < 2.6.8-1 | 2.6.8-1 |
| redhat | ceph_storage | — | — |
| redhat | openshift_container_platform | — | — |
| redhat | openshift_container_platform | — | — |
| redhat | openshift_container_platform | — | — |
| redhat | openshift_container_platform_for_ibm_linuxone | — | — |
| redhat | openshift_container_platform_for_ibm_linuxone | — | — |
| redhat | openshift_container_platform_for_ibm_linuxone | — | — |
| redhat | openshift_container_platform_for_power | — | — |
| redhat | openshift_container_platform_for_power | — | — |
| redhat | openshift_container_platform_for_power | — | — |
| redhat | openshift_container_platform_ibm_z_systems | — | — |
| redhat | openshift_container_platform_ibm_z_systems | — | — |
| redhat | openshift_container_platform_ibm_z_systems | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv6.5MEDIUM