Oracle Linux 10 : haproxy (ELSA-2025-21691)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-21691 advisory. 3.0.5-4.1 - Fix denial of service vulnerability in mjson library CVE-2025-11230 Resolves: RHEL-126652 Tenable has extracted the preceding description block...

RockyLinux 9 : haproxy (RLSA-2025:21693)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21693 advisory. haproxy: denial of service vulnerability in HAProxy mjson library CVE-2025-11230 Tenable has extracted the preceding description block directly from the RockyLin...

Linux Distros Unpatched Vulnerability : CVE-2025-59303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HAProxy Kubernetes Ingress Controller before 3.1.13, when the config-snippets feature flag is used, accepts config snippets from users with create/update...

RHSA-2025:22422 Red Hat Security Advisory: haproxy security update

Bulletin has no description...

RHSA-2025:22399 Red Hat Security Advisory: haproxy security update

Bulletin has no description...

RHSA-2025:22398 Red Hat Security Advisory: haproxy security update

Bulletin has no description...

Keycloak unable to restrict access to the admin console

A flaw was found in Keycloak. The Keycloak guides recommend to not expose /admin path to the outside in case the installation is using a proxy. The issue occurs at least via ha-proxy, as it can be tricked to using relative/non-normalized paths to access the /admin application path relative to...

RHEL 9 : haproxy (RHSA-2025:22398)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:22398 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: denial...

haproxy: denial of service vulnerability in HAProxy mjson library

A flaw was found in haproxy. A stemming from an inefficient algorithmic complexity issue within its bundled mjson parsing library. This vulnerability is triggered when haproxy is configured to analyze JSON content, such as with the jsonquery or jwtpayloadquery function...

Important: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

haproxy: denial of service vulnerability in HAProxy mjson library

A flaw was found in haproxy. A stemming from an inefficient algorithmic complexity issue within its bundled mjson parsing library. This vulnerability is triggered when haproxy is configured to analyze JSON content, such as with the jsonquery or jwtpayloadquery function...

Important: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

haproxy: denial of service vulnerability in HAProxy mjson library

A flaw was found in haproxy. A stemming from an inefficient algorithmic complexity issue within its bundled mjson parsing library. This vulnerability is triggered when haproxy is configured to analyze JSON content, such as with the jsonquery or jwtpayloadquery function...

Important: Red Hat Security Advisory: haproxy security update

An update for haproxy is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : haproxy (RHSA-2025:22399)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:22399 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: denial...

RHEL 9 : haproxy (RHSA-2025:22422)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:22422 advisory. The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: denial...

CLSA-2025-1764324159 haproxy: Fix of CVE-2025-11230

CVE-2025-11230: fix denial of service vulnerability in mjson library by optimizing exponent calculation to prevent CPU exhaustion from crafted JSON requests...

Oracle Linux 9 : haproxy (ELSA-2025-21693)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-21693 advisory. 2.8.14-1.1 - Fix denial of service vulnerability in mjson library CVE-2025-11230 Resolves: RHEL-126664 Tenable has extracted the preceding description block...

haproxy security update

An update is available for haproxy. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The haproxy packages provide a reliable, high-performance network load...

RLSA-2025:21691 Important: haproxy security update

The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: denial of service vulnerability in HAProxy mjson library CVE-2025-11230 For more details about the security issues, including the impact, a CVSS score,...