Skip to main content

Haproxy

34 CVEs product

Monthly

CVE-2026-55204 HIGH PATCH This Week

Denial of service in HAProxy through 3.4.0 allows remote unauthenticated attackers to crash worker processes by triggering HPACK dynamic table insertions under memory pressure. The flaw lives in hpack_dht_insert() in src/hpack-tbl.c, where the return value of hpack_dht_defrag() is not validated; when the memory pool is exhausted defrag returns NULL and the subsequent dereference crashes the worker. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Denial Of Service Null Pointer Dereference Haproxy
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.4%
CVE-2026-55203 CRITICAL PATCH Act Now

FastCGI framing desynchronization in HAProxy through 3.4.0 stems from a 16-bit integer overflow in the fcgi_conn demux record length (drl) field, which wraps to zero when a malicious backend sends a record with contentLength 65535 and paddingLength of 1 or more. A hostile FastCGI backend can leverage the misparse to desynchronize HAProxy's FCGI parser, leading to request routing errors, response smuggling, or memory safety issues. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; the upstream commit 5985276 widens drl to uint32_t.

Integer Overflow Buffer Overflow Haproxy
NVD GitHub VulDB
CVSS 4.0
9.0
EPSS
0.3%
CVE-2026-33555 MEDIUM PATCH This Month

HAProxy versions 2.6 through 3.3.5 fail to validate that received HTTP/3 message body lengths match the announced Content-Length header when streams close via empty-payload frames, enabling request smuggling and backend desynchronization attacks. An unauthenticated remote attacker can exploit this via network-level HTTP/3 traffic to cause integrity violations (integrity impact rated low by CVSS), though practical exploitation requires high attack complexity. No public exploit code or active CISA KEV designation has been confirmed; the moderate CVSS 4.0 and high attack complexity suggest this is a specialized HTTP/3 protocol abuse requiring precise crafting.

Information Disclosure Haproxy
NVD GitHub VulDB
CVSS 3.1
5.8
EPSS
0.0%
CVE-2025-11230 HIGH PATCH This Month

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Aloha Appliance Haproxy Haproxy Enterprise Kubernetes Ingress Controller +2
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-45506 HIGH This Week

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Haproxy
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-45539 HIGH This Week

HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy
NVD
CVSS 3.1
8.2
EPSS
1.5%
CVE-2023-40225 HIGH POC PATCH This Week

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Request Smuggling Haproxy
NVD GitHub
CVSS 3.1
7.2
EPSS
1.8%
CVE-2023-25950 HIGH This Week

HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling Haproxy
NVD
CVSS 3.1
7.3
EPSS
2.9%
CVE-2023-0836 HIGH This Week

An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-0056 MEDIUM This Month

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Haproxy Ceph Storage Software Collections Openshift Container Platform +5
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2023-25725 CRITICAL Act Now

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Authentication Bypass Haproxy Debian Linux
NVD
CVSS 3.1
9.1
EPSS
5.5%
CVE-2022-0711 HIGH PATCH This Week

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Haproxy Openshift Container Platform Software Collections Enterprise Linux +1
NVD GitHub
CVSS 3.1
7.5
EPSS
16.6%
CVE-2021-40346 HIGH POC PATCH THREAT This Week

An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Haproxy Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
57.9%
CVE-2021-39242 HIGH This Week

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy Debian Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2021-39241 MEDIUM This Month

An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy Debian Linux Fedora
NVD
CVSS 3.1
5.3
EPSS
1.8%
CVE-2021-39240 HIGH This Week

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy Debian Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2020-11100 HIGH This Week

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Haproxy Debian Linux +4
NVD
CVSS 3.1
8.8
EPSS
60.7%
CVE-2019-19330 CRITICAL Act Now

The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy Ubuntu Linux Debian Linux
NVD
CVSS 3.1
9.8
EPSS
4.0%
CVE-2019-18277 HIGH POC THREAT This Week

A flaw was found in HAProxy before 2.0.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Information Disclosure Haproxy
NVD
CVSS 3.1
7.5
EPSS
10.0%
CVE-2019-14241 HIGH POC THREAT This Week

HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Haproxy
NVD GitHub
CVSS 3.0
7.5
EPSS
70.2%
CVE-2019-11323 MEDIUM This Month

HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Haproxy
NVD
CVSS 3.1
5.9
EPSS
1.2%
CVE-2019-8953 MEDIUM POC PATCH THREAT This Month

The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Haproxy
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
52.2%
CVE-2018-20103 HIGH This Week

An issue was discovered in dns.c in HAProxy through 1.8.14. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Haproxy Ubuntu Linux Openshift Container Platform
NVD
CVSS 3.0
7.5
EPSS
6.6%
CVE-2018-20102 HIGH This Week

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Haproxy Ubuntu Linux Openshift Container Platform
NVD
CVSS 3.0
7.5
EPSS
4.3%
CVE-2018-14645 HIGH This Week

A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Haproxy Ubuntu Linux +3
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2018-11469 MEDIUM This Month

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Haproxy Ubuntu Linux
NVD
CVSS 3.0
5.9
EPSS
3.1%
CVE-2018-10184 HIGH This Week

An issue was discovered in HAProxy before 1.8.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Haproxy Enterprise Linux
NVD
CVSS 3.0
7.5
EPSS
8.4%
CVE-2016-2102 MEDIUM This Month

HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Haproxy
NVD
CVSS 3.0
5.3
EPSS
0.0%
CVE-2016-5360 HIGH Act Now

HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 46.1% and no vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux Haproxy
NVD
CVSS 3.0
7.5
EPSS
46.1%
CVE-2015-3281 MEDIUM PATCH This Month

The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Debian Linux Haproxy Ubuntu Linux Openstack Cloud +8
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2014-6269 MEDIUM POC This Month

Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Haproxy
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2013-2175 MEDIUM PATCH This Month

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Debian Linux Ubuntu Linux Enterprise Linux Load Balancer Haproxy
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2013-1912 MEDIUM This Month

Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE Haproxy
NVD
CVSS 2.0
5.1
EPSS
0.1%
CVE-2012-2942 MEDIUM This Month

Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled,. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE Haproxy
NVD
CVSS 2.0
5.1
EPSS
0.2%
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Denial of service in HAProxy through 3.4.0 allows remote unauthenticated attackers to crash worker processes by triggering HPACK dynamic table insertions under memory pressure. The flaw lives in hpack_dht_insert() in src/hpack-tbl.c, where the return value of hpack_dht_defrag() is not validated; when the memory pool is exhausted defrag returns NULL and the subsequent dereference crashes the worker. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Denial Of Service Null Pointer Dereference Haproxy
NVD GitHub VulDB
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

FastCGI framing desynchronization in HAProxy through 3.4.0 stems from a 16-bit integer overflow in the fcgi_conn demux record length (drl) field, which wraps to zero when a malicious backend sends a record with contentLength 65535 and paddingLength of 1 or more. A hostile FastCGI backend can leverage the misparse to desynchronize HAProxy's FCGI parser, leading to request routing errors, response smuggling, or memory safety issues. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; the upstream commit 5985276 widens drl to uint32_t.

Integer Overflow Buffer Overflow Haproxy
NVD GitHub VulDB
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

HAProxy versions 2.6 through 3.3.5 fail to validate that received HTTP/3 message body lengths match the announced Content-Length header when streams close via empty-payload frames, enabling request smuggling and backend desynchronization attacks. An unauthenticated remote attacker can exploit this via network-level HTTP/3 traffic to cause integrity violations (integrity impact rated low by CVSS), though practical exploitation requires high attack complexity. No public exploit code or active CISA KEV designation has been confirmed; the moderate CVSS 4.0 and high attack complexity suggest this is a specialized HTTP/3 protocol abuse requiring precise crafting.

Information Disclosure Haproxy
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Month

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Aloha Appliance Haproxy +4
NVD
EPSS 1% CVSS 7.5
HIGH This Week

HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Haproxy
NVD
EPSS 2% CVSS 8.2
HIGH This Week

HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy
NVD
EPSS 2% CVSS 7.2
HIGH POC PATCH This Week

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Request Smuggling Haproxy
NVD GitHub
EPSS 3% CVSS 7.3
HIGH This Week

HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling Haproxy
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Haproxy Ceph Storage +7
NVD
EPSS 5% CVSS 9.1
CRITICAL Act Now

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Authentication Bypass Haproxy +1
NVD
EPSS 17% CVSS 7.5
HIGH PATCH This Week

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Haproxy Openshift Container Platform +3
NVD GitHub
EPSS 58% CVSS 7.5
HIGH POC PATCH THREAT This Week

An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Haproxy +2
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy Debian Linux +1
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy Debian Linux +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy Debian Linux +1
NVD
EPSS 61% CVSS 8.8
HIGH This Week

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +6
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Haproxy Ubuntu Linux +1
NVD
EPSS 10% CVSS 7.5
HIGH POC THREAT This Week

A flaw was found in HAProxy before 2.0.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Information Disclosure Haproxy
NVD
EPSS 70% CVSS 7.5
HIGH POC THREAT This Week

HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Haproxy
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM This Month

HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Haproxy
NVD
EPSS 52% CVSS 6.1
MEDIUM POC PATCH THREAT This Month

The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Haproxy
NVD GitHub Exploit-DB
EPSS 7% CVSS 7.5
HIGH This Week

An issue was discovered in dns.c in HAProxy through 1.8.14. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Haproxy Ubuntu Linux +1
NVD
EPSS 4% CVSS 7.5
HIGH This Week

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Haproxy +2
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow +5
NVD
EPSS 3% CVSS 5.9
MEDIUM This Month

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Haproxy Ubuntu Linux
NVD
EPSS 8% CVSS 7.5
HIGH This Week

An issue was discovered in HAProxy before 1.8.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Haproxy +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Haproxy
NVD
EPSS 46% CVSS 7.5
HIGH Act Now

HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 46.1% and no vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux +1
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The buffer_slow_realign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Debian Linux Haproxy +10
NVD
EPSS 0% CVSS 5.0
MEDIUM POC This Month

Multiple integer overflows in the http_request_forward_body function in proto_http.c in HAProxy 1.5-dev23 before 1.5.4 allow remote attackers to cause a denial of service (crash) via a large stream. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Haproxy
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Debian Linux Ubuntu Linux +2
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE +1
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled,. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy