ROS-20260129-73-0025

HAProxy server software vulnerability is related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.1 security update

Important: Red Hat OpenShift GitOps v1.19.1 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8080 CVE-2025-58183 openshift-gitops-1/argocd-rhel8: Unbounded allocation when parsing GNU sparse map gitops-1.19 GITOPS-8083 CVE-2025-58183...

Mageia: Security Advisory (MGASA-2026-0019)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated haproxy packages fix bugs

Haproxy has two major, a few medium and a few minor bugs fixed in the last upstream version 2.8.18 of branch 2.8. Fixed major bugs list: - quic: use ncbmbuf for CRYPTO handling - stream: Force channel analysis on successful synchronous send Fixed medium bugs list: - dns: bind the nameserver...

MGASA-2026-0019 Updated haproxy packages fix bugs

Haproxy has two major, a few medium and a few minor bugs fixed in the last upstream version 2.8.18 of branch 2.8. Fixed major bugs list: - quic: use ncbmbuf for CRYPTO handling - stream: Force channel analysis on successful synchronous send Fixed medium bugs list: - dns: bind the nameserver socke...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-11230)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-11230 advisory. - Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial...

Azure Linux 3.0 Security Update: haproxy (CVE-2024-45506)

The version of haproxy installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45506 advisory. - HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of servi...

Azure Linux 3.0 Security Update: haproxy (CVE-2025-32464)

The version of haproxy installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32464 advisory. - HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-11230)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-11230 advisory. - Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial...

MiracleLinux 9 : haproxy-2.4.22-3.el9_3 (AXSA:2024-7579:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7579:01 advisory. haproxy: Proxy forwards malformed empty Content-Length headers CVE-2023-40225 haproxy: untrimmed URI fragments may lead to exposure of confidential...

MiracleLinux 8 : haproxy-1.8.15-6.el8.1 (AXSA:2020-172:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-172:01 advisory. haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes CVE-2020-11100 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : haproxy-1.8.23-3.el8 (AXSA:2020-267:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-267:02 advisory. haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value CVE-2019-18277 haproxy: HTTP/2...

MiracleLinux 8 : haproxy-1.8.27-5.el8_10.1 (AXSA:2024-8984:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8984:02 advisory. haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539 Tenable has extracted the preceding description...

MiracleLinux 9 : haproxy-2.4.22-1.el9 (AXSA:2023-6671:04)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6671:04 advisory. haproxy: data leak via fcgi requests CVE-2023-0836 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. No...

MiracleLinux 9 : haproxy-2.4.17-3.el9.2 (AXSA:2023-5279:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5279:02 advisory. haproxy: segfault DoS CVE-2023-0056 haproxy: request smuggling attack in HTTP/1 header parsing CVE-2023-25725 Tenable has extracted the preceding...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: haproxy (UTSA-2026-000538)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000538 advisory. Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests. Tenable has extracted...

openSUSE 16 Security Update : haproxy (openSUSE-SU-2026:20032-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20032-1 advisory. - CVE-2025-11230: issue in the mjson JSON decoder leads to excessive resource consumption when processing numbers with large exponents bsc1250983. Tenab...

MiracleLinux 4 : haproxy-1.5.4-2.AXS4.1 (AXSA:2015-467:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-467:01 advisory. HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on...

MiracleLinux 4 : haproxy-1.4.22-5.AXS4 (AXSA:2013-584:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-584:02 advisory. HAProxy is a free, fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly...

EulerOS 2.0 SP12 : haproxy (EulerOS-SA-2026-1069)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON...