CVE-2026-55204
- EPSS 0.39%
- Veröffentlicht 18.06.2026 16:05:52
- Zuletzt bearbeitet 26.06.2026 02:39:04
HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpack_dht_insert() within src/hpack-tbl.c that fails to validate the return value of hpack_dht_defrag() when the memory pool is exhausted. An attack...
CVE-2026-55203
- EPSS 0.32%
- Veröffentlicht 18.06.2026 16:05:20
- Zuletzt bearbeitet 26.06.2026 02:47:33
HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the ...
CVE-2026-33555
- EPSS 0.3%
- Veröffentlicht 13.04.2026 00:00:00
- Zuletzt bearbeitet 29.06.2026 15:28:15
An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronizatio...
CVE-2026-5501
- EPSS 0.18%
- Veröffentlicht 10.04.2026 04:17:17
- Zuletzt bearbeitet 27.04.2026 17:57:21
wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is legitimately signed by ...
CVE-2025-11230
- EPSS 0.48%
- Veröffentlicht 19.11.2025 09:28:39
- Zuletzt bearbeitet 19.12.2025 16:44:55
Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.
CVE-2025-32464
- EPSS 0.69%
- Veröffentlicht 09.04.2025 00:00:00
- Zuletzt bearbeitet 15.04.2026 00:35:42
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one.
CVE-2024-53008
- EPSS 1.04%
- Veröffentlicht 28.11.2024 03:15:16
- Zuletzt bearbeitet 15.04.2026 00:35:42
Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As ...
CVE-2024-49214
- EPSS 0.5%
- Veröffentlicht 14.10.2024 04:15:05
- Zuletzt bearbeitet 15.04.2026 00:35:42
QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality.
CVE-2024-45506
- EPSS 1.2%
- Veröffentlicht 04.09.2024 15:15:14
- Zuletzt bearbeitet 14.03.2025 20:15:13
HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024.
CVE-2023-45539
- EPSS 1.53%
- Veröffentlicht 28.11.2023 20:15:07
- Zuletzt bearbeitet 21.11.2024 08:26:56
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static se...