Vulnerabilities > Haproxy > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-23 CVE-2023-0056 Resource Exhaustion vulnerability in multiple products
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service.
network
low complexity
haproxy redhat fedoraproject CWE-400
6.5
2021-08-17 CVE-2021-39241 An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject
5.3
2019-05-09 CVE-2019-11323 Use of Uninitialized Resource vulnerability in Haproxy
HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys.
network
high complexity
haproxy CWE-908
5.9
2018-05-25 CVE-2018-11469 Information Exposure vulnerability in multiple products
Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.
network
high complexity
haproxy canonical CWE-200
5.9
2017-08-22 CVE-2016-2102 Improper Authentication vulnerability in Haproxy
HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.
network
low complexity
haproxy CWE-287
5.3