CVE-2024-45506 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2024-45506 Interim 1 7 2025-02-16T00:50:42Z current 2024-09-03T23:09:55Z 2025-02-16T00:50:42Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2024-45506 HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise High Availability Extension 12 SP5 SUSE Linux Enterprise High Availability Extension 15 SP2 SUSE Linux Enterprise High Availability Extension 15 SP3 SUSE Linux Enterprise High Availability Extension 15 SP4 SUSE Linux Enterprise High Availability Extension 15 SP5 SUSE Linux Enterprise High Availability Extension 15 SP6 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Micro 6.0 openSUSE Leap 15.5 openSUSE Leap 15.6 openSUSE Tumbleweed haproxy haproxy-3.0.4+git0.7a59afa93-1.1 haproxy-3.0.4+git0.7a59afa93-1.1 as a component of openSUSE Tumbleweed haproxy as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 haproxy as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 haproxy as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 haproxy as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 haproxy as a component of SUSE Linux Enterprise High Availability Extension 15 SP5 haproxy as a component of SUSE Linux Enterprise High Availability Extension 15 SP6 haproxy as a component of SUSE Linux Enterprise Micro 5.3 haproxy as a component of SUSE Linux Enterprise Micro 5.4 haproxy as a component of SUSE Linux Enterprise Micro 5.5 haproxy as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 haproxy as a component of SUSE Linux Micro 6.0 haproxy as a component of openSUSE Leap 15.5 haproxy as a component of openSUSE Leap 15.6 HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024. CVE-2024-45506 openSUSE Tumbleweed:haproxy-3.0.4+git0.7a59afa93-1.1 SUSE Linux Enterprise High Availability Extension 12 SP5:haproxy SUSE Linux Enterprise High Availability Extension 15 SP2:haproxy SUSE Linux Enterprise High Availability Extension 15 SP3:haproxy SUSE Linux Enterprise High Availability Extension 15 SP4:haproxy SUSE Linux Enterprise High Availability Extension 15 SP5:haproxy SUSE Linux Enterprise High Availability Extension 15 SP6:haproxy SUSE Linux Enterprise Micro 5.3:haproxy SUSE Linux Enterprise Micro 5.4:haproxy SUSE Linux Enterprise Micro 5.5:haproxy SUSE Linux Enterprise Server for SAP Applications 12 SP5:haproxy SUSE Linux Micro 6.0:haproxy openSUSE Leap 15.5:haproxy openSUSE Leap 15.6:haproxy important 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H