Security Advisory

CVE-2020-11100

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-02 14:23:05

Last updated 2024-08-04 11:21:14

Assigner mitre

State PUBLISHED

Description

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.

← Browse all CVEs View on cve.org ↗