Unrated severityNVD Advisory· Published Mar 23, 2023· Updated Feb 25, 2025
CVE-2023-0056
CVE-2023-0056
Description
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
Affected products
70- osv-coords69 versionspkg:apk/chainguard/haproxypkg:apk/chainguard/haproxy-2.2pkg:apk/chainguard/haproxy-2.2-docpkg:apk/chainguard/haproxy-2.2-iamguarded-compatpkg:apk/chainguard/haproxy-2.2-oci-entrypointpkg:apk/chainguard/haproxy-2.4pkg:apk/chainguard/haproxy-2.4-docpkg:apk/chainguard/haproxy-2.4-iamguarded-compatpkg:apk/chainguard/haproxy-2.4-nocapspkg:apk/chainguard/haproxy-2.4-oci-entrypointpkg:apk/chainguard/haproxy-2.6pkg:apk/chainguard/haproxy-2.6-docpkg:apk/chainguard/haproxy-2.6-iamguarded-compatpkg:apk/chainguard/haproxy-2.6-nocapspkg:apk/chainguard/haproxy-2.6-oci-entrypointpkg:apk/chainguard/haproxy-2.8pkg:apk/chainguard/haproxy-2.8-docpkg:apk/chainguard/haproxy-2.8-iamguarded-compatpkg:apk/chainguard/haproxy-2.8-nocapspkg:apk/chainguard/haproxy-2.8-oci-entrypointpkg:apk/chainguard/haproxy-2.9pkg:apk/chainguard/haproxy-2.9-docpkg:apk/chainguard/haproxy-2.9-iamguarded-compatpkg:apk/chainguard/haproxy-2.9-oci-entrypointpkg:apk/chainguard/haproxy-3.0pkg:apk/chainguard/haproxy-3.0-docpkg:apk/chainguard/haproxy-3.0-iamguarded-compatpkg:apk/chainguard/haproxy-3.0-nocapspkg:apk/chainguard/haproxy-3.0-oci-entrypointpkg:apk/chainguard/haproxy-3.1pkg:apk/chainguard/haproxy-3.1-docpkg:apk/chainguard/haproxy-3.1-iamguarded-compatpkg:apk/chainguard/haproxy-3.1-nocapspkg:apk/chainguard/haproxy-3.1-oci-entrypointpkg:apk/chainguard/haproxy-3.2pkg:apk/chainguard/haproxy-3.2-docpkg:apk/chainguard/haproxy-3.2-iamguarded-compatpkg:apk/chainguard/haproxy-3.2-nocapspkg:apk/chainguard/haproxy-3.2-oci-entrypointpkg:apk/chainguard/haproxy-3.3pkg:apk/chainguard/haproxy-docpkg:apk/chainguard/haproxy-oci-entrypointpkg:apk/wolfi/haproxypkg:apk/wolfi/haproxy-2.9pkg:apk/wolfi/haproxy-2.9-docpkg:apk/wolfi/haproxy-2.9-oci-entrypointpkg:apk/wolfi/haproxy-3.0pkg:apk/wolfi/haproxy-3.0-docpkg:apk/wolfi/haproxy-3.0-oci-entrypointpkg:apk/wolfi/haproxy-3.1pkg:apk/wolfi/haproxy-3.1-docpkg:apk/wolfi/haproxy-3.1-oci-entrypointpkg:apk/wolfi/haproxy-3.2pkg:apk/wolfi/haproxy-3.2-docpkg:apk/wolfi/haproxy-3.2-iamguarded-compatpkg:apk/wolfi/haproxy-3.2-nocapspkg:apk/wolfi/haproxy-3.2-oci-entrypointpkg:apk/wolfi/haproxy-3.3pkg:apk/wolfi/haproxy-docpkg:apk/wolfi/haproxy-oci-entrypointpkg:bitnami/haproxypkg:rpm/almalinux/haproxypkg:rpm/opensuse/haproxy&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/haproxy&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4pkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20Micro%205.3
< 2.6.8-r0+ 68 more
- (no CPE)range: < 2.6.8-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.3.2-r0
- (no CPE)range: < 2.6.8-r0
- (no CPE)range: < 2.6.8-r0
- (no CPE)range: < 2.6.8-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.2.4-r1
- (no CPE)range: < 3.3.2-r0
- (no CPE)range: < 2.6.8-r0
- (no CPE)range: < 2.6.8-r0
- (no CPE)
- (no CPE)range: < 2.4.17-3.el9_1.2
- (no CPE)range: < 2.4.8+git0.d1f8d41e0-150400.3.6.1
- (no CPE)range: < 2.4.8+git0.d1f8d41e0-150400.3.6.1
- (no CPE)range: < 2.0.31-150100.8.31.1
- (no CPE)range: < 2.0.31-150200.11.20.1
- (no CPE)range: < 2.0.31-150200.11.20.1
- (no CPE)range: < 2.4.8+git0.d1f8d41e0-150400.3.6.1
- (no CPE)range: < 2.4.8+git0.d1f8d41e0-150400.3.6.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.