Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-j94q-hxyf-eye9
Summaryhaproxy: denial of service vulnerability in HAProxy mjson library
Aliases
0
alias CVE-2025-11230
Fixed_packages
0
url pkg:deb/debian/haproxy@0?distro=trixie
purl pkg:deb/debian/haproxy@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@0%3Fdistro=trixie
1
url pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6?distro=trixie
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.2.9-2%252Bdeb11u6%3Fdistro=trixie
2
url pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/haproxy@2.6.12-1%2Bdeb12u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7mfq-cvmr-nbf8
1
vulnerability VCID-97wa-uwp2-57gu
2
vulnerability VCID-rj2h-pnmf-mufp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@2.6.12-1%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.0.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/haproxy@3.0.11-1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-97wa-uwp2-57gu
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.0.11-1%252Bdeb13u2%3Fdistro=trixie
5
url pkg:deb/debian/haproxy@3.2.5-2?distro=trixie
purl pkg:deb/debian/haproxy@3.2.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.2.5-2%3Fdistro=trixie
6
url pkg:deb/debian/haproxy@3.2.15-1?distro=trixie
purl pkg:deb/debian/haproxy@3.2.15-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/haproxy@3.2.15-1%3Fdistro=trixie
Affected_packages
0
url pkg:rpm/redhat/haproxy@2.4.7-2.el9_0?arch=3
purl pkg:rpm/redhat/haproxy@2.4.7-2.el9_0?arch=3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j94q-hxyf-eye9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@2.4.7-2.el9_0%3Farch=3
1
url pkg:rpm/redhat/haproxy@2.4.17-6.el9_2?arch=3
purl pkg:rpm/redhat/haproxy@2.4.17-6.el9_2?arch=3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j94q-hxyf-eye9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@2.4.17-6.el9_2%3Farch=3
2
url pkg:rpm/redhat/haproxy@2.4.22-3.el9_4?arch=1
purl pkg:rpm/redhat/haproxy@2.4.22-3.el9_4?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j94q-hxyf-eye9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@2.4.22-3.el9_4%3Farch=1
3
url pkg:rpm/redhat/haproxy@2.4.22-4.el9_6?arch=1
purl pkg:rpm/redhat/haproxy@2.4.22-4.el9_6?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j94q-hxyf-eye9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@2.4.22-4.el9_6%3Farch=1
4
url pkg:rpm/redhat/haproxy@2.8.14-1.el9_7?arch=1
purl pkg:rpm/redhat/haproxy@2.8.14-1.el9_7?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j94q-hxyf-eye9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@2.8.14-1.el9_7%3Farch=1
5
url pkg:rpm/redhat/haproxy@3.0.5-4.el10_0?arch=1
purl pkg:rpm/redhat/haproxy@3.0.5-4.el10_0?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j94q-hxyf-eye9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@3.0.5-4.el10_0%3Farch=1
6
url pkg:rpm/redhat/haproxy@3.0.5-4.el10_1?arch=1
purl pkg:rpm/redhat/haproxy@3.0.5-4.el10_1?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j94q-hxyf-eye9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy@3.0.5-4.el10_1%3Farch=1
7
url pkg:rpm/redhat/haproxy-main@3.0.19-1?arch=hum1
purl pkg:rpm/redhat/haproxy-main@3.0.19-1?arch=hum1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j94q-hxyf-eye9
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/haproxy-main@3.0.19-1%3Farch=hum1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11230.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11230.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11230
reference_id
reference_type
scores
0
value 0.00394
scoring_system epss
scoring_elements 0.60372
published_at 2026-04-21T12:55:00Z
1
value 0.00394
scoring_system epss
scoring_elements 0.60382
published_at 2026-04-18T12:55:00Z
2
value 0.0041
scoring_system epss
scoring_elements 0.61309
published_at 2026-04-02T12:55:00Z
3
value 0.0041
scoring_system epss
scoring_elements 0.61375
published_at 2026-04-12T12:55:00Z
4
value 0.0041
scoring_system epss
scoring_elements 0.61356
published_at 2026-04-13T12:55:00Z
5
value 0.0041
scoring_system epss
scoring_elements 0.61395
published_at 2026-04-16T12:55:00Z
6
value 0.0041
scoring_system epss
scoring_elements 0.61338
published_at 2026-04-04T12:55:00Z
7
value 0.0041
scoring_system epss
scoring_elements 0.61306
published_at 2026-04-07T12:55:00Z
8
value 0.0041
scoring_system epss
scoring_elements 0.61353
published_at 2026-04-08T12:55:00Z
9
value 0.0041
scoring_system epss
scoring_elements 0.61368
published_at 2026-04-09T12:55:00Z
10
value 0.0041
scoring_system epss
scoring_elements 0.61389
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11230
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2413003
reference_id 2413003
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2413003
4
reference_url https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability
reference_id october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-19T17:06:27Z/
url https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability
5
reference_url https://access.redhat.com/errata/RHSA-2025:21691
reference_id RHSA-2025:21691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21691
6
reference_url https://access.redhat.com/errata/RHSA-2025:21692
reference_id RHSA-2025:21692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21692
7
reference_url https://access.redhat.com/errata/RHSA-2025:21693
reference_id RHSA-2025:21693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21693
8
reference_url https://access.redhat.com/errata/RHSA-2025:21694
reference_id RHSA-2025:21694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21694
9
reference_url https://access.redhat.com/errata/RHSA-2025:22398
reference_id RHSA-2025:22398
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22398
10
reference_url https://access.redhat.com/errata/RHSA-2025:22399
reference_id RHSA-2025:22399
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22399
11
reference_url https://access.redhat.com/errata/RHSA-2025:22422
reference_id RHSA-2025:22422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22422
12
reference_url https://access.redhat.com/errata/RHSA-2025:22548
reference_id RHSA-2025:22548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22548
13
reference_url https://access.redhat.com/errata/RHSA-2026:8729
reference_id RHSA-2026:8729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8729
14
reference_url https://usn.ubuntu.com/7805-1/
reference_id USN-7805-1
reference_type
scores
url https://usn.ubuntu.com/7805-1/
Weaknesses
0
cwe_id 407
name Inefficient Algorithmic Complexity
description An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
Exploits
Severity_range_score5.3 - 7.5
Exploitability0.5
Weighted_severity6.8
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-j94q-hxyf-eye9