![icon](https://www.mend.io/vulnerability-database/wp-content/themes/whitesource/img/search_cube.png)
We found results for “”
CVE-2019-19330
Good to know:
![A fix is available icon](https://www.mend.io/vulnerability-database//wp-content/themes/whitesource/img/icon2.png)
Date: November 27, 2019
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.
Language: C
Severity Score
Related Resources (17)
Severity Score
Weakness Type (CWE)
Injection
CWE-74Top Fix
![icon](https://www.mend.io/vulnerability-database//wp-content/themes/whitesource/img/sec5.png)
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | NETWORK |
Access Complexity (AC): | LOW |
Authentication (AU): | NONE |
Confidentiality (C): | PARTIAL |
Integrity (I): | NONE |
Availability (A): | NONE |
Additional information: |