CVE-2013-2175

Priority
Description
HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use
hdr_ip or other "hdr_*" functions with a negative occurrence count, allows
remote attackers to cause a denial of service (negative array index usage
and crash) via an HTTP header with a certain number of values, related to
the MAX_HDR_HISTORY variable.
Assigned-to
mdeslaur
Notes
More Information

Updated: 2019-12-05 21:04:10 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)