CVE-2019-19330 vulnerability in HAProxy and Other Products
Published on November 27, 2019

The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-19330

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-19330 are published in these products:

HAProxy

Canonical Ubuntu Linux

Debian Linux

Exploit Probability

EPSS

0.96%

Percentile

76.45%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-19330 vulnerability in HAProxy and Other ProductsPublished on November 27, 2019

Products Associated with CVE-2019-19330

Exploit Probability

CVE-2019-19330 vulnerability in HAProxy and Other Products
Published on November 27, 2019