公告ID: KYLIN-2019-19330
安全等级: 中等
产品: Kylin V3
发布日期: 2019年11月25日
CVE: CVE-2019-19330
CVSS3评分: 7.5
概述:
None 描述:
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks. 系统版本:
KYLIN 3.2.x
KYLIN 3.3.x
KYLIN 3.4.x
受影响包列表:
haproxy
haproxy
haproxy