apk package
chainguard/haproxy-3.1-nocaps
pkg:apk/chainguard/haproxy-3.1-nocaps
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-32464 | Med | 6.8 | < 3.1.7-r0 | 3.1.7-r0 | Apr 9, 2025 | HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one. | |
| CVE-2023-0056 | — | < 0 | 0 | Mar 23, 2023 | An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. | ||
| CVE-2016-2102 | Med | 5.3 | < 0 | 0 | Aug 22, 2017 | HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network. |
- affected < 3.1.7-r0fixed 3.1.7-r0
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one.
- CVE-2023-0056Mar 23, 2023affected < 0fixed 0
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
- affected < 0fixed 0
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.