Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
purl pkg:deb/debian/haproxy@2.2.9-2%2Bdeb11u6
Next non-vulnerable version 3.2.15-1
Latest non-vulnerable version 3.2.15-1
Risk 3.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-2zm3-vw55-k3af
Aliases:
CVE-2025-32464
haproxy: Buffer Overflow via Improper Back-Reference Replacement Length Check
2.6.12-1+deb12u3
Affected by 3 other vulnerabilities.
VCID-97wa-uwp2-57gu
Aliases:
CVE-2026-33555
3.2.15-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (13)
Vulnerability Summary Aliases
VCID-4zyf-tsw1-8bfv A vulnerability in HAProxy might lead to remote execution of arbitrary code. CVE-2019-19330
VCID-5q7p-8nxf-sfem A buffer overflow in HAProxy might allow an attacker to execute arbitrary code. CVE-2020-11100
VCID-93ba-zj92-zqf1 haproxy: does not ensure that the scheme and path portions of a URI have the expected characters CVE-2021-39240
VCID-9gwz-6dnd-r7fj haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value CVE-2019-18277
VCID-a7s4-6k62-3qh2 haproxy: Denial of service via set-cookie2 header CVE-2022-0711
VCID-atwp-g4uy-3qgg haproxy: it can lead to a situation with an attacker-controlled HTTP Host header because a mismatch between Host and authority is mishandled CVE-2021-39242
VCID-bb8w-k2e1-xbht haproxy: request smuggling attack in HTTP/1 header parsing CVE-2023-25725
VCID-jz63-5mba-3qbx haproxy: request smuggling attack or response splitting via duplicate content-length header CVE-2021-40346
VCID-mrdn-6cwg-j3h8 haproxy: data leak via fcgi requests CVE-2023-0836
VCID-s86j-egny-77cu haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539
VCID-sy71-5m1g-2yav haproxy: an HTTP method name may contain a space followed by the name of a protected resource CVE-2021-39241
VCID-w1we-d8uq-s3hh haproxy: segfault DoS CVE-2023-0056
VCID-ygb3-7kb1-tqbc haproxy: Proxy forwards malformed empty Content-Length headers CVE-2023-40225

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T09:31:09.119086+00:00 Debian Importer Affected by VCID-97wa-uwp2-57gu https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T00:49:07.034159+00:00 Debian Oval Importer Affected by VCID-2zm3-vw55-k3af https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-16T00:15:21.903105+00:00 Debian Oval Importer Fixing VCID-jz63-5mba-3qbx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:13:34.584525+00:00 Debian Oval Importer Fixing VCID-w1we-d8uq-s3hh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:41:41.876318+00:00 Debian Oval Importer Fixing VCID-mrdn-6cwg-j3h8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:00:52.652933+00:00 Debian Oval Importer Fixing VCID-a7s4-6k62-3qh2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:57:41.057394+00:00 Debian Oval Importer Fixing VCID-93ba-zj92-zqf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:41:10.046549+00:00 Debian Oval Importer Fixing VCID-5q7p-8nxf-sfem https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:46:20.378493+00:00 Debian Oval Importer Fixing VCID-4zyf-tsw1-8bfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:43:22.531426+00:00 Debian Oval Importer Fixing VCID-sy71-5m1g-2yav https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:00:52.925959+00:00 Debian Oval Importer Fixing VCID-9gwz-6dnd-r7fj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:54:04.952483+00:00 Debian Oval Importer Fixing VCID-bb8w-k2e1-xbht https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:42:12.711745+00:00 Debian Oval Importer Fixing VCID-atwp-g4uy-3qgg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:52:22.017613+00:00 Debian Oval Importer Fixing VCID-ygb3-7kb1-tqbc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:31:43.530001+00:00 Debian Oval Importer Fixing VCID-s86j-egny-77cu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-12T00:21:37.441983+00:00 Debian Oval Importer Affected by VCID-2zm3-vw55-k3af https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:49:04.636402+00:00 Debian Oval Importer Fixing VCID-jz63-5mba-3qbx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:49:23.261172+00:00 Debian Oval Importer Fixing VCID-w1we-d8uq-s3hh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:18:20.321864+00:00 Debian Oval Importer Fixing VCID-mrdn-6cwg-j3h8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:39:05.196268+00:00 Debian Oval Importer Fixing VCID-a7s4-6k62-3qh2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:35:58.474167+00:00 Debian Oval Importer Fixing VCID-93ba-zj92-zqf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:19:57.893129+00:00 Debian Oval Importer Fixing VCID-5q7p-8nxf-sfem https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:27:15.531419+00:00 Debian Oval Importer Fixing VCID-4zyf-tsw1-8bfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:25:51.792681+00:00 Debian Oval Importer Fixing VCID-sy71-5m1g-2yav https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:46:39.498164+00:00 Debian Oval Importer Fixing VCID-9gwz-6dnd-r7fj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:40:02.902661+00:00 Debian Oval Importer Fixing VCID-bb8w-k2e1-xbht https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:28:17.938362+00:00 Debian Oval Importer Fixing VCID-atwp-g4uy-3qgg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:39:06.201531+00:00 Debian Oval Importer Fixing VCID-ygb3-7kb1-tqbc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:18:48.625592+00:00 Debian Oval Importer Fixing VCID-s86j-egny-77cu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T23:52:20.505577+00:00 Debian Oval Importer Affected by VCID-2zm3-vw55-k3af https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T23:21:13.308867+00:00 Debian Oval Importer Fixing VCID-jz63-5mba-3qbx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:24:01.711444+00:00 Debian Oval Importer Fixing VCID-w1we-d8uq-s3hh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:54:30.024148+00:00 Debian Oval Importer Fixing VCID-mrdn-6cwg-j3h8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:17:05.710353+00:00 Debian Oval Importer Fixing VCID-a7s4-6k62-3qh2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:14:07.359664+00:00 Debian Oval Importer Fixing VCID-93ba-zj92-zqf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:58:40.627018+00:00 Debian Oval Importer Fixing VCID-5q7p-8nxf-sfem https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:07:41.951791+00:00 Debian Oval Importer Fixing VCID-4zyf-tsw1-8bfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:09:25.187970+00:00 Debian Oval Importer Fixing VCID-sy71-5m1g-2yav https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:33:53.867372+00:00 Debian Oval Importer Fixing VCID-9gwz-6dnd-r7fj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:27:24.204645+00:00 Debian Oval Importer Fixing VCID-bb8w-k2e1-xbht https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:16:17.784680+00:00 Debian Oval Importer Fixing VCID-atwp-g4uy-3qgg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:29:43.911751+00:00 Debian Oval Importer Fixing VCID-ygb3-7kb1-tqbc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:10:51.086984+00:00 Debian Oval Importer Fixing VCID-s86j-egny-77cu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0