haproxy

HAProxy operators should treat CVE-2024-45506 as an urgent availability risk: a logic flaw in the HTTP/2 zero‑copy forwarding path (the h2_send loop) can be triggered remotely to put HAProxy processes into an endless loop or crash them outright, and this weakness was observed being exploited in...

HAProxy Technologies has published an advisory for CVE‑2025‑11230, a high‑severity denial‑of‑service flaw rooted in an Inefficient Algorithm Complexity (CWE‑407) in the embedded mjson JSON parser; specially crafted JSON payloads that include extremely large numeric values can trigger...