From this webpage screenshot, we can extract the following key information regarding vulnerabilities: 1. Vulnerability Descriptions: - H2 Mux Incomplete Frame Handling Issue: When processing incomplete frames, certain errors may prevent the connection from terminating, leading to endless wake-ups and CPU consumption. - H2 Send Function Issue: During error handling, if a GOAWAY is required but the output buffer is empty, it may result in an infinite loop. - QUIC Protocol Issue: When the accept queue is full, the connection cannot migrate to another thread and must be migrated back to the local thread, which in some cases may cause a crash. 2. Fixes Implemented: - CLI Command Fix: Fixed the crash of the "show threads" command when fewer than 16 threads are present. - JWT Validation Fix: Fixed the issue where the SSL library leaves an error during token validation, causing the connection to be closed. - Time Check Issue: Fixed the problem where the server could be shut down during queue processing even if no connections existed. - QUIC Protocol Fix: Fixed the issue where connections could not migrate to another thread when the accept queue is full. - OCSP Fix: Fixed the issue where loading OCSP parameters would lock the tree and freeze subsequent operations. - H2 Server Upload Issue: Fixed the upload freeze caused by zero-copy forwarding not setting the END_STREAM flag. - Protocol Upgrade Issue: Fixed the crash that could occur during implicit protocol upgrade if an error happened before the connection switch. - Mux-h1 Issue: Fixed the problem where Mux-h1 repeatedly returned 408 errors when sending an empty output buffer. 3. Other Improvements: - File Descriptor Limit: Reduced the default hard limit for file descriptors from 1,000,000 to 100,000 to match the settings of most distributions. - New Global Directive: Added the "h1-do-not-close-on-insecure-transfer-encoding" directive to keep connections alive when using Content-Length and Transfer-Encoding. - Log Format Parser: Relaxed certain checks in the log format parser and generated warnings only in diagnostic mode. 4. Additional Fixes: - Retry-on 429 Support: Added support for retrying on 429 status code. - Other Minor Fixes: Fixed various minor issues, including CLI commands, JWT validation, QUIC protocol, OCSP, H2 server uploads, protocol upgrades, and Mux-h1. This information provides a detailed overview of the vulnerabilities and issues addressed in HAProxy 3.0.4, along with the corresponding fixes and improvements.