apk package
chainguard/haproxy-2.2-oci-entrypoint
pkg:apk/chainguard/haproxy-2.2-oci-entrypoint
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-32464 | Med | 6.8 | < 2.2.34-r0 | 2.2.34-r0 | Apr 9, 2025 | HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one. | |
| CVE-2023-45539 | — | < 0 | 0 | Nov 28, 2023 | HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server. | ||
| CVE-2023-0056 | — | < 0 | 0 | Mar 23, 2023 | An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. | ||
| CVE-2016-2102 | Med | 5.3 | < 0 | 0 | Aug 22, 2017 | HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network. |
- affected < 2.2.34-r0fixed 2.2.34-r0
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one.
- CVE-2023-45539Nov 28, 2023affected < 0fixed 0
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server.
- CVE-2023-0056Mar 23, 2023affected < 0fixed 0
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
- affected < 0fixed 0
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.