CVE-2025-11230

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-11230
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11230.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-11230
Aliases
Downstream
Related
Published
2025-11-19T10:15:45.020Z
Modified
2025-12-21T06:46:51.308708Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.

References

Affected packages

Git

git.haproxy.org/haproxy-2.4.git

Affected ranges

Type
GIT
Repo
https://git.haproxy.org/haproxy-2.4.git
Events
Introduced
6cbbecf09734aeb5fa8bb88f36f06a6f6d35e813
Fixed
bfe53a9ac0afa502d68bfddddbe30854ccce18b5

Affected versions

v2.*

v2.4.0
v2.4.1
v2.4.10
v2.4.11
v2.4.12
v2.4.13
v2.4.14
v2.4.15
v2.4.16
v2.4.17
v2.4.18
v2.4.19
v2.4.2
v2.4.20
v2.4.21
v2.4.22
v2.4.23
v2.4.24
v2.4.25
v2.4.26
v2.4.27
v2.4.28
v2.4.29
v2.4.3
v2.4.4
v2.4.5
v2.4.6
v2.4.7
v2.4.8
v2.4.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11230.json"

git.haproxy.org/haproxy-2.6.git

Affected ranges

Type
GIT
Repo
https://git.haproxy.org/haproxy-2.6.git
Events
Introduced
a1efc048bf8a5e14466dbe7317e73117e8d66176
Fixed
c3bf1ac6709072bf9984c829c3badda5a4e8fa7e

Affected versions

v2.*

v2.6.0
v2.6.1
v2.6.10
v2.6.11
v2.6.12
v2.6.13
v2.6.14
v2.6.15
v2.6.16
v2.6.17
v2.6.18
v2.6.19
v2.6.2
v2.6.20
v2.6.21
v2.6.22
v2.6.3
v2.6.4
v2.6.5
v2.6.6
v2.6.7
v2.6.8
v2.6.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11230.json"

git.haproxy.org/haproxy.git

Affected ranges

Type
GIT
Repo
https://git.haproxy.org/haproxy.git
Events
Introduced
f2b97918e80b2f4df1da751a44fe6e323c6e4b9e
Fixed
7cdc9325a1203f60b2269b4cab946bddc77eff41

Affected versions

v3.*

v3.1.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11230.json"

github.com/haproxy/haproxy

Affected ranges

Type
GIT
Repo
https://github.com/haproxy/haproxy
Events
Introduced
5590ada4731a1f75004675680b4bdca61fa4c507
Fixed
d236b43da7149f5147474c03fd54fada0615ce91

Affected versions

v3.*

v3.0.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11230.json"