Haproxy Security Vulnerabilities (CVEs)

Track 10 security vulnerabilities affecting Haproxy products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

1 Critical

8 High

1 Medium

Sort by:

🔔 Get Alerts for Haproxy

CVE-2025-11230 7.5

This vulnerability in HAProxy's mjson library allows remote attackers to cause denial of service through inefficient algorithm complexity when process...

Nov 19, 2025

CVE-2024-45506 7.5

HAProxy HTTP/2 zero-copy forwarding vulnerability allows remote attackers to cause denial of service by exploiting a loop condition in the h2_send fun...

Sep 4, 2024

CVE-2023-40225 7.2

HAProxy versions through multiple branches forward empty Content-Length headers, violating HTTP standards. This can cause HTTP/1 servers behind HAProx...

Aug 10, 2023

CVE-2023-25950 7.3

This HTTP request smuggling vulnerability in HAProxy allows attackers to manipulate legitimate user requests by exploiting improper request/response h...

Apr 11, 2023

CVE-2023-0056 6.5

An uncontrolled resource consumption vulnerability in HAProxy could allow an authenticated remote attacker to crash the service by running a specially...

Mar 23, 2023

CVE-2023-25725 9.1

CVE-2023-25725 is an HTTP request smuggling vulnerability in HAProxy that allows attackers to bypass access controls by sending specially crafted HTTP...

Feb 14, 2023

CVE-2022-0711 7.5

CVE-2022-0711 is a denial-of-service vulnerability in HAProxy where specially crafted HTTP responses containing Set-Cookie2 headers can trigger an inf...

Mar 2, 2022

CVE-2021-40346 7.5

CVE-2021-40346 is an integer overflow vulnerability in HAProxy's HTTP header processing that enables HTTP request smuggling attacks. This allows attac...

Sep 8, 2021

CVE-2021-39240 7.5

HAProxy versions before 2.2.16, 2.3.13, and 2.4.3 have a URI validation vulnerability where the proxy fails to properly validate scheme and path chara...

Aug 17, 2021

CVE-2021-39242 7.5

This vulnerability in HAProxy allows attackers to manipulate HTTP Host headers to bypass security controls or cause request processing errors. It affe...

Aug 17, 2021

Why Monitor Haproxy Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 10+ known vulnerabilities affecting Haproxy products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Haproxy packages in under 60 seconds. No agents required - completely agentless scanning that works across Haproxy deployments.

Free vulnerability database: Access detailed information about every Haproxy CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Haproxy CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Haproxy CVEs Free