[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2018:3249-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":56,"epss":9,"epss_history":57,"metrics":58,"affected":59},"SUSE-SU-2018:3249-1","Security update for haproxy\n\nThis update for haproxy to version 1.8.14 fixes the following issues:\n\nThese security issues were fixed:\n\n- CVE-2018-14645: A flaw was discovered in the HPACK decoder that caused an\n  out-of-bounds read in hpack_valid_idx() that resulted in a remote crash and\n  denial of service (bsc#1108683)\n- CVE-2018-11469: Incorrect caching of responses to requests including an\n  Authorization header allowed attackers to achieve information disclosure via an\n  unauthenticated remote request (bsc#1094846).\n\nThese non-security issues were fixed:\n\n- Require apparmor-abstractions to reduce dependencies (bsc#1100787)\n- hpack: fix improper sign check on the header index value\n- cli: make sure the 'getsock' command is only called on connections\n- tools: fix set_net_port() / set_host_port() on IPv4\n- patterns: fix possible double free when reloading a pattern list\n- server: Crash when setting FQDN via CLI.\n- kqueue: Don't reset the changes number by accident.\n- snapshot: take the proxy's lock while dumping errors\n- http/threads: atomically increment the error snapshot ID\n- dns: check and link servers' resolvers right after config parsing\n- h2: fix risk of memory leak on malformated wrapped frames\n- session: fix reporting of handshake processing time in the logs\n- stream: use atomic increments for the request counter\n- thread: implement HA_ATOMIC_XADD()\n- ECC cert should work with TLS \u003C v1.2 and openssl >= 1.1.1\n- dns/server: fix 
incomatibility between SRV resolution and server state file\n- hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0.\n- thread: lua: Wrong SSL context initialization.\n- hlua: Make sure we drain the output buffer when done.\n- lua: reset lua transaction between http requests\n- mux_pt: dereference the connection with care in mux_pt_wake()\n- lua: Bad HTTP client request duration.\n- unix: provide a ->drain() function\n- Fix spelling error in configuration doc\n- cli/threads: protect some server commands against concurrent operations\n- cli/threads: protect all 'proxy' commands against concurrent updates\n- lua: socket timeouts are not applied\n- ssl: Use consistent naming for TLS protocols\n- dns: explain set server ... fqdn requires resolver\n- map: fix map_regm with backref\n- ssl: loading dh param from certifile causes unpredictable error.\n- ssl: fix missing error loading a keytype cert from a bundle.\n- ssl: empty connections reported as errors.\n- cli: make 'show fd' thread-safe\n- hathreads: implement a more flexible rendez-vous point\n- threads: fix the no-thread case after the change to the sync point\n- threads: add more consistency between certain variables in no-thread case\n- threads: fix the double CAS implementation for ARMv7\n- threads: Introduce double-width CAS on x86_64 and arm.\n- lua: possible CLOSE-WAIT state with '\\n' headers\n\nFor additional changes please refer to the 
changelog.\n",null,[],[],[],[14,16],{"_key":15},"CVE-2018-11469",{"_key":17},"CVE-2018-14645",[],[],[21,22],{"_key":15},{"_key":17},"2018-10-19T12:59:02Z","2026-02-04T03:14:03.339633Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,43,47,52],{"url":29,"sources":30,"tags":32},"https://www.suse.com/support/update/announcement/2018/suse-su-20183249-1/",[31],"osv_suse",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1094846",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://bugzilla.suse.com/1100787",[31],[38],{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1108683",[31],[38],{"url":48,"sources":49,"tags":50},"https://www.suse.com/security/cve/CVE-2018-11469",[31],[51],"WEB",{"url":53,"sources":54,"tags":55},"https://www.suse.com/security/cve/CVE-2018-14645",[31],[51],[],[],[],[60],{"ecosystem":61,"name":62,"vendor":63,"product":64,"cpe_part":9,"purl_type":65,"purl_namespace":63,"purl_name":64,"source":9,"versions":66},"SUSE Linux Enterprise","haproxy","suse","haproxy&distro=SUSE Linux Enterprise High Availability Extension 15","rpm",[67],{"version":68,"is_range":69,"range_type":70,"version_start":9,"version_start_type":9,"version_end":71,"version_end_type":72,"fixed_in":9},"lt1_8_14~git0_52e4d43b_3_3_2",true,"ecosystem","1.8.14~git0.52e4d43b-3.3.2","excluding"]