Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how haproxy compares to other vendors in security performance

View Risk Score →

HAProxy HTTP/3 -> HTTP/1 Desync: Cross-Protocol Smuggling via a Standalone QUIC FIN (CVE-2026-33555)

First published (updated )
Social
reddit

HAProxy HTTP/3 -> HTTP/1 Desync: Cross-Protocol Smuggling via a Standalone QUIC FIN (CVE-2026-33555)

First published (updated )
Social
reddit

HAProxy HAProxyAn issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received …

Risk 23
Severity
4
First published (updated )
CVE-2026-33555

HAProxy Haproxy EnterpriseDenial of service vulnerability in HAProxy mjson library

Risk 43
Severity
7.5
First published (updated )
CVE-2025-11230

HAProxy HAProxyA flaw was found in haproxy. A stemming from an inefficient algorithmic complexity issue within its …

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-2413003
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

HAProxy Kubernetes Ingress ControllerHAProxy Kubernetes Ingress Controller before 3.1.13, when the config-snippets feature flag is used, …

Risk 39
Severity
6.4
First published (updated )
CVE-2025-59303

Keycloak KeycloakThe keycloak guides recommend to not expose /admin path to the outside in case the installation is u…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2398025

HAProxy HAProxyQUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a …

Risk 19
Severity
5.3
EPSS
0.15%
First published (updated )
CVE-2024-49214

HAProxy HAProxyHAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial o…

Risk 43
Severity
7.5
First published (updated )
CVE-2024-45506

debian/haproxyLast updated 25 July 2024

Risk 57
Severity
8.2
First published (updated )
CVE-2023-45539
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations

First published (updated )
https://seclists.org/oss-sec/2023/q4/144

CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations

First published (updated )
https://seclists.org/oss-sec/2023/q4/75

HAProxy HAProxyHAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.…

Risk 46
Severity
7.2
First published (updated )
CVE-2023-40225

HAProxy HAProxyHTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a …

Risk 51
Severity
7.3
First published (updated )
CVE-2023-25950

HAProxy HAProxyInfoleak

Risk 43
Severity
7.5
First published (updated )
CVE-2023-0836
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/HAProxyLast updated 3 December 2024

Risk 69
Severity
9.1
First published (updated )
CVE-2023-25725

HAProxy HAProxyInitial description: Router PODs frequently getting restarted and haproxy process is receiving the s…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2160808

redhat OpenShift Container PlatformInitial description: Router PODs frequently getting restarted and haproxy process is receiving the s…

Risk 39
Severity
6.5
First published (updated )
CVE-2023-0056

redhat/haproxyA flaw was found in haproxy. Anybody who can add a "set-cookie2 X=Y" header into the return path fro…

Risk 45
Severity
7.5
First published (updated )
CVE-2022-0711

HAProxy HAProxyInteger Overflow

Risk 43
Severity
7.5
First published (updated )
CVE-2021-40346
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

HAProxy HAProxyAn issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It do…

Risk 43
Severity
7.5
First published (updated )
CVE-2021-39240

HAProxy HAProxyAn issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 …

Risk 27
Severity
5.3
First published (updated )
CVE-2021-39241

HAProxy HAProxyAn issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It ca…

Risk 43
Severity
7.5
First published (updated )
CVE-2021-39242

ubuntu/haproxyIn hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a r…

Risk 83
Severity
8.8
First published (updated )
CVE-2020-11100

Canonical Ubuntu LinuxLast updated 25 August 2025

Risk 86
Severity
9.8
First published (updated )
CVE-2019-19330
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/haproxyLast updated 25 August 2025

Risk 46
Severity
7.5
First published (updated )
CVE-2019-18277

go/github.com/mastercactapus/proxyprotocolInput Validation

Risk 44
Severity
7.5
First published (updated )
CVE-2019-14243

HAProxy HAProxyHAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related t…

Risk 43
Severity
7.5
First published (updated )
CVE-2019-14241

HAProxy HAProxyHAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and…

Risk 35
Severity
5.9
First published (updated )
CVE-2019-11323

HAProxy HAProxyLast updated 25 August 2025

Risk 46
Severity
7.5
First published (updated )
CVE-2018-20615
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203