haproxy (SUSE:Linux Enterprise High Availability Extension 15 SP6) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Availability Extension 15 SP6 package haproxy, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2025-11230 — CVSS 7.5 (high): Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON…
CVE-2025-32464 — CVSS 6.8 (medium): HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling…
CVE-2024-53008 — CVSS 5.3 (medium): Inconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is…
CVE-2026-33555 — CVSS 4.0 (medium): An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously…