📦 Haproxy
by Haproxy
🔍 What is Haproxy?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2023-25725 is an HTTP request smuggling vulnerability in HAProxy that allows attackers to bypass access controls by sending specially crafted HTTP headers. The vulnerability occurs because HAProxy...
This vulnerability in HAProxy's mjson library allows remote attackers to cause denial of service through inefficient algorithm complexity when processing specially crafted JSON requests. Any HAProxy d...
HAProxy HTTP/2 zero-copy forwarding vulnerability allows remote attackers to cause denial of service by exploiting a loop condition in the h2_send function. This affects HAProxy 2.9.x before 2.9.10, 3...
HAProxy versions through multiple branches forward empty Content-Length headers, violating HTTP standards. This can cause HTTP/1 servers behind HAProxy to misinterpret requests, potentially treating p...
This HTTP request smuggling vulnerability in HAProxy allows attackers to manipulate legitimate user requests by exploiting improper request/response handling. Attackers can potentially steal sensitive...
CVE-2022-0711 is a denial-of-service vulnerability in HAProxy where specially crafted HTTP responses containing Set-Cookie2 headers can trigger an infinite loop, causing the service to become unrespon...
CVE-2021-40346 is an integer overflow vulnerability in HAProxy's HTTP header processing that enables HTTP request smuggling attacks. This allows attackers to bypass HAProxy's security ACLs (access con...
HAProxy versions before 2.2.16, 2.3.13, and 2.4.3 have a URI validation vulnerability where the proxy fails to properly validate scheme and path characters in HTTP/2 requests. This allows attackers to...
This vulnerability in HAProxy allows attackers to manipulate HTTP Host headers to bypass security controls or cause request processing errors. It affects HAProxy versions 2.2 before 2.2.16, 2.3 before...
An uncontrolled resource consumption vulnerability in HAProxy could allow an authenticated remote attacker to crash the service by running a specially crafted malicious server in an OpenShift cluster....