INFSA-2025:21693: haproxy security update
Information about definition
Identificator: INFSA-2025:21693
Type: security
Release date: 2025-12-01 13:01:14 UTC
Information about package
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Vulnerabilities description
- CVE-2025-11230
A flaw was found in haproxy. A stemming from an inefficient algorithmic complexity issue within its bundled mjson parsing library. This vulnerability is triggered when haproxy is configured to analyze JSON content, such as with the json_query or jwt_payload_query function
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-11230
|
no information | 7.5 | no information |
Updated packages
Preparing to download...