CVE-2025-11230

Опубликовано: 19 нояб. 2025

Источник: debian

EPSS Низкий

Описание

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.

Пакет	Статус	Версия исправления	Релиз	Тип
haproxy	fixed	3.2.5-2		package
haproxy	not-affected		bullseye	package

Introduced with: https://github.com/haproxy/haproxy/commit/41007a6835fe29f865e01d8fbeb96114c0d01828 (v2.4-dev17)
Fixed by: https://git.haproxy.org/?p=haproxy-3.2.git;a=commit;h=6fd1287526eae1b31329997a2df29c9fb564a8e8 (v3.2.6)
Fixed by: https://github.com/haproxy/haproxy/commit/06675db4bf234ed17e14305f1d59259d2fe78b06 (v3.3-dev9)

EPSS

Процентиль: 48%

0.00249

Низкий

CVE-2025-11230

CVSS3: 7.5

ubuntu

3 месяца назад

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.

CVE-2025-11230

CVSS3: 7.5

nvd

3 месяца назад

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.

CVE-2025-11230

CVSS3: 7.5

msrc

3 месяца назад

Denial of service vulnerability in HAProxy mjson library

openSUSE-SU-2026:20032-1

suse-cvrf

24 дня назад

Security update for haproxy

SUSE-SU-2025:03589-1

suse-cvrf

4 месяца назад

Security update for haproxy

EPSS

Процентиль: 48%

0.00249

Низкий