7.5

CVE-2025-11230

Denial of service vulnerability in HAProxy mjson library

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HaproxyAloha Appliance Version >= 14.5.0 < 14.5.33
HaproxyAloha Appliance Version >= 15.5.0 < 15.5.28
HaproxyAloha Appliance Version >= 16.5.0 < 16.5.19
HaproxyAloha Appliance Version >= 17.0.0 < 17.0.7
HaproxyHaproxy Version >= 2.4.0 < 2.4.30
HaproxyHaproxy Version >= 2.6.0 < 2.6.23
HaproxyHaproxy Version >= 2.8.0 < 2.8.16
HaproxyHaproxy Version >= 3.0.0 < 3.0.12
HaproxyHaproxy Version >= 3.1.0 < 3.1.9
HaproxyHaproxy Version >= 3.2.0 < 3.2.6
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-253.271
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-254.271
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-259.342
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-263.343
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-264.356
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.356
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.373
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.459
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.464
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.477
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.499
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.553
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.560
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.564
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-268.596
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-269.596
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-269.599
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-270.616
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-271.673
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-271.677
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-272.683
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-272.686
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-272.728
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-274.752
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-276.752
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-277.814
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-277.831
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-278.838
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-279.852
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-279.859
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-279.877
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-279.911
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-279.940
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-279.952
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-279.953
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-279.956
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-280.956
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-282.998
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-282.999
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-284.999
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-285.1010
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-286.1064
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-286.1068
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-286.1089
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-286.1094
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-288.1094
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-288.1158
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-288.1167
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-288.1189
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-289.1189
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-290.1239
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-291.1246
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-292.1293
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-294.1346
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-294.1364
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-294.1376
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-294.1377
HaproxyHaproxy Enterprise Version2.4r1 Update1.0.0-294.1442
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-281.466
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-282.561
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-283.562
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-283.565
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-283.616
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-283.632
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-283.633
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-283.636
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-284.636
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-285.726
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-285.727
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-287.727
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-288.770
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-288.773
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-288.848
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-288.849
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-289.1020
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-289.1028
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-289.1041
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-289.873
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-289.975
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-289.976
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-291.1046
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-292.1046
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-292.1055
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-292.1120
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-292.1147
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-292.1148
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-292.1156
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-292.1181
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-292.1187
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-293.1189
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-293.1190
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-294.1212
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-294.1285
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-295.1303
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-296.1392
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-296.1416
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1416
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1474
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1487
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1511
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1542
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1557
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1596
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1603
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1606
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-299.1618
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-300.1666
HaproxyHaproxy Enterprise Version2.6r1 Update1.0.0-301.1666
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-302.234
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-304.266
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-305.279
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-305.285
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-306.288
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-306.289
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-307.317
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-310.350
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-310.364
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-310.373
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-310.374
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-310.418
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-310.422
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-310.424
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-311.449
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-311.452
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-311.453
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-312.592
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-312.613
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-317.613
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-318.674
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-319.699
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-319.723
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.750
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.761
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.770
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.780
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.781
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.783
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.831
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.851
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.853
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-320.895
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-321.895
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-321.901
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-321.919
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-321.931
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-321.934
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-321.937
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-322.942
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-324.1030
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-324.1071
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-324.1072
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-324.947
HaproxyHaproxy Enterprise Version2.8r1 Update1.0.0-326.1073
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-337.363
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-337.390
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-337.394
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-339.395
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-339.405
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-339.415
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-339.455
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-339.466
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-339.471
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-341.475
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-342.482
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.495
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.503
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.561
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.564
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.591
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.608
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.641
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.655
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-344.672
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-345.673
HaproxyHaproxy Enterprise Version3.0r1 Update1.0.0-346.792
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-345.233
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-346.274
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-346.287
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-347.299
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-347.338
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-347.362
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-347.405
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-347.419
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-347.431
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-347.449
HaproxyHaproxy Enterprise Version3.1r1 Update1.0.0-348.519
HaproxyKubernetes Ingress Controller SwEditionenterprise Version < 1.9.14-ee7
HaproxyKubernetes Ingress Controller SwEditioncommunity Version < 3.1.12
HaproxyKubernetes Ingress Controller SwEditionenterprise Version >= 1.10.10-ee1 < 1.11.12-ee10
HaproxyKubernetes Ingress Controller SwEditionenterprise Version >= 3.0.0-ee1 < 3.0.15-ee4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.48% 0.379
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security@ubuntu.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-407 Inefficient Algorithmic Complexity

An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability
Vendor Advisory