vulnerability

FreeBSD: VID-7f829d44-7509-11ea-b47c-589cfc0f81b0 (CVE-2020-11100): HAproxy -- serious vulnerability affecting the HPACK decoder used for HTTP/2

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	Apr 2, 2020	Apr 3, 2020	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

Apr 2, 2020

Added

Apr 3, 2020

Modified

Dec 10, 2025

Description

The HAproxy Project reports: The main driver for this release is that it contains a fix for a serious vulnerability that was responsibly reported last week by Felix Wilhelm from Google Project Zero, affecting the HPACK decoder used for HTTP/2. CVE-2020-11100 was assigned to this issue.

Solutions

freebsd-upgrade-package-haproxyfreebsd-upgrade-package-haproxy18freebsd-upgrade-package-haproxy19freebsd-upgrade-package-haproxy21

References

CVE-2020-11100
https://attackerkb.com/topics/CVE-2020-11100
CWE-787

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today