PT-2025-36932

Name of the Vulnerable Software and Affected Versions: pfSense CE affected versions not specified Description: The value of the showsticktablecontent parameter in /usr/local/www/haproxy/haproxy stats.php is displayed after being read from HTTP GET requests. This can enable reflected cross-site...

Linux Distros Unpatched Vulnerability : CVE-2025-32464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the replacement of...

EulerOS 2.0 SP11 : haproxy (EulerOS-SA-2025-1955)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the...

EulerOS 2.0 SP13 : haproxy (EulerOS-SA-2025-1977)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the...

CVE-2025-8671

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...

EulerOS 2.0 SP13 : haproxy (EulerOS-SA-2025-1991)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the...

EulerOS 2.0 SP11 : haproxy (EulerOS-SA-2025-1929)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the...

ROOT-OS-ALPINE-316-CVE-2022-0711 CVE-2022-0711 in rootio-haproxy - Patched by Root

Root has patched CVE-2022-0711 in the rootio-haproxy package for Root:Alpine:3.16. Multiple fixed versions available...

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2025-1977)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2025-1955)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2025-1991)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2025-1929)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2025-1823)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : haproxy (EulerOS-SA-2025-1822)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the...

EulerOS 2.0 SP12 : haproxy (EulerOS-SA-2025-1823)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sampleconvregsub heap-based buffer overflow because of mishandling of the...

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2025-1822)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections (79251dc8-5bc5-11f0-834f-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 79251dc8-5bc5-11f0-834f-b42e991fc52e advisory. [email protected] reports: MongoDB Server's mongos component can become unresponsive to new connections d...

Security Bulletin: IBM Storage Ceph is vulnerable to HTTP Request/Response Smuggling and Unauthorized Exposure of Information in HAProxy (CVE-2023-40225, CVE-2023-0836, CVE-2023-25725, CVE-2023-45539)

Summary HAProxy is used by IBM Storage Ceph for Load Balancing. This bulletin identifies the steps to take to address the vulnerability in HAProxy. CVE-2023-40225, CVE-2023-0836, CVE-2023-25725, CVE-2023-45539. Vulnerability Details CVEID:CVE-2023-40225 DESCRIPTION: HAProxy through 2.0.32, 2.1.x...

CVE-2025-6714

MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...

CVE-2025-6714

MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...