Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/haproxy@3.2.17-1?distro=trixie
purl pkg:deb/debian/haproxy@3.2.17-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (38)
Vulnerability Summary Aliases
VCID-2pk8-3ahf-fbey haproxy: weak HMAC keys used to TLS session resumption after reload with rotated keys CVE-2019-11323
VCID-2zm3-vw55-k3af haproxy: Buffer Overflow via Improper Back-Reference Replacement Length Check CVE-2025-32464
VCID-31wf-mpnt-dycm haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure CVE-2018-20102
VCID-37ny-vqaj-y3bd security update CVE-2015-3281
VCID-48er-rqvk-nyhg haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service CVE-2018-20103
VCID-4zyf-tsw1-8bfv A vulnerability in HAProxy might lead to remote execution of arbitrary code. CVE-2019-19330
VCID-5781-s1ny-q7ey CVE-2023-44487
GHSA-2m7v-gc89-fjqf
GHSA-qppj-fm5r-hxr3
GHSA-vx74-f528-fxqg
GHSA-xpw8-rcwv-8f8p
GMS-2023-3377
VSV00013
VCID-5n4e-hka2-yubh CVE-2026-26080
VCID-5q7p-8nxf-sfem A buffer overflow in HAProxy might allow an attacker to execute arbitrary code. CVE-2020-11100
VCID-63yy-cnhx-wyct haproxy: potential infinite loop condition in the h2_send() may trigger a DoS CVE-2024-45506
VCID-6pet-6dms-e3g9 Multiple vulnerabilities have been found in HAProxy, allowing attackers to execute arbitrary code or cause Denial of Service. CVE-2013-2175
VCID-79xt-tp2u-6qca haproxy: denial of service via reqdeny CVE-2016-5360
VCID-7mfq-cvmr-nbf8 HAProxy: HTTP request smuggling in HAProxy CVE-2024-53008
VCID-8e1s-dgj6-vyfq haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash CVE-2018-20615
VCID-93ba-zj92-zqf1 haproxy: does not ensure that the scheme and path portions of a URI have the expected characters CVE-2021-39240
VCID-97wa-uwp2-57gu CVE-2026-33555
VCID-9atw-pg8b-y3a2 haproxy: Information disclosure in check_request_for_cacheability function in proto_http.c CVE-2018-11469
VCID-9gwz-6dnd-r7fj haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value CVE-2019-18277
VCID-a7s4-6k62-3qh2 haproxy: Denial of service via set-cookie2 header CVE-2022-0711
VCID-atwp-g4uy-3qgg haproxy: it can lead to a situation with an attacker-controlled HTTP Host header because a mismatch between Host and authority is mishandled CVE-2021-39242
VCID-ayrb-j36f-zqft haproxy: malformed HTTP header field name can lead to HTTP request/response smuggling CVE-2023-25950
VCID-bb8w-k2e1-xbht haproxy: request smuggling attack in HTTP/1 header parsing CVE-2023-25725
VCID-bte8-ec31-e7hu A buffer overflow in HAProxy may allow execution of arbitrary code. CVE-2012-2942
VCID-cmeu-b3fh-hkaf upstream: CVE-2025-8671
VSV00017
VCID-gs9q-zgvz-vucq haproxy: Heap buffer overflow in mux_h2.c:h2_process_demux() can allow attackers to cause a denial of service CVE-2018-10184
VCID-henx-6mda-budq CVE-2026-26081
VCID-j94q-hxyf-eye9 haproxy: denial of service vulnerability in HAProxy mjson library CVE-2025-11230
VCID-jz63-5mba-3qbx haproxy: request smuggling attack or response splitting via duplicate content-length header CVE-2021-40346
VCID-kdfp-841z-vuf8 haproxy: DoS via vectors realted to htx_manage_client_side_cookies in proto_htx.c CVE-2019-14241
VCID-mrdn-6cwg-j3h8 haproxy: data leak via fcgi requests CVE-2023-0836
VCID-qp4n-c9fa-gfcs haproxy: Out-of-bounds read in HPACK decoder CVE-2018-14645
VCID-rj2h-pnmf-mufp haproxy: Spoofed IP Bypass in HAProxy QUIC Listener 0-RTT Sessions CVE-2024-49214
VCID-s86j-egny-77cu haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers CVE-2023-45539
VCID-sy71-5m1g-2yav haproxy: an HTTP method name may contain a space followed by the name of a protected resource CVE-2021-39241
VCID-uenw-ftgk-b3dh haproxy: remote client denial of service vulnerability CVE-2014-6269
VCID-v3mz-rgh2-mfad Multiple vulnerabilities have been found in HAProxy, allowing attackers to execute arbitrary code or cause Denial of Service. CVE-2013-1912
VCID-w1we-d8uq-s3hh haproxy: segfault DoS CVE-2023-0056
VCID-ygb3-7kb1-tqbc haproxy: Proxy forwards malformed empty Content-Length headers CVE-2023-40225

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-06T19:21:01.619497+00:00 Debian Importer Fixing VCID-97wa-uwp2-57gu https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.539763+00:00 Debian Importer Fixing VCID-henx-6mda-budq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.492588+00:00 Debian Importer Fixing VCID-5n4e-hka2-yubh https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.443328+00:00 Debian Importer Fixing VCID-cmeu-b3fh-hkaf https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.397110+00:00 Debian Importer Fixing VCID-2zm3-vw55-k3af https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.326225+00:00 Debian Importer Fixing VCID-j94q-hxyf-eye9 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.273197+00:00 Debian Importer Fixing VCID-7mfq-cvmr-nbf8 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.208761+00:00 Debian Importer Fixing VCID-rj2h-pnmf-mufp https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.148162+00:00 Debian Importer Fixing VCID-63yy-cnhx-wyct https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.100495+00:00 Debian Importer Fixing VCID-s86j-egny-77cu https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.052809+00:00 Debian Importer Fixing VCID-5781-s1ny-q7ey https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:01.011144+00:00 Debian Importer Fixing VCID-ygb3-7kb1-tqbc https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.956222+00:00 Debian Importer Fixing VCID-ayrb-j36f-zqft https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.907420+00:00 Debian Importer Fixing VCID-bb8w-k2e1-xbht https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.859044+00:00 Debian Importer Fixing VCID-mrdn-6cwg-j3h8 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.811947+00:00 Debian Importer Fixing VCID-w1we-d8uq-s3hh https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.765374+00:00 Debian Importer Fixing VCID-a7s4-6k62-3qh2 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.717513+00:00 Debian Importer Fixing VCID-jz63-5mba-3qbx https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.670381+00:00 Debian Importer Fixing VCID-atwp-g4uy-3qgg https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.622695+00:00 Debian Importer Fixing VCID-sy71-5m1g-2yav https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.576165+00:00 Debian Importer Fixing VCID-93ba-zj92-zqf1 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.528318+00:00 Debian Importer Fixing VCID-5q7p-8nxf-sfem https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.484825+00:00 Debian Importer Fixing VCID-4zyf-tsw1-8bfv https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.442453+00:00 Debian Importer Fixing VCID-9gwz-6dnd-r7fj https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.400672+00:00 Debian Importer Fixing VCID-kdfp-841z-vuf8 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.358586+00:00 Debian Importer Fixing VCID-2pk8-3ahf-fbey https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.315934+00:00 Debian Importer Fixing VCID-8e1s-dgj6-vyfq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.272319+00:00 Debian Importer Fixing VCID-48er-rqvk-nyhg https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.221784+00:00 Debian Importer Fixing VCID-31wf-mpnt-dycm https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.172036+00:00 Debian Importer Fixing VCID-qp4n-c9fa-gfcs https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.125637+00:00 Debian Importer Fixing VCID-9atw-pg8b-y3a2 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.075233+00:00 Debian Importer Fixing VCID-gs9q-zgvz-vucq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:21:00.031210+00:00 Debian Importer Fixing VCID-79xt-tp2u-6qca https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:20:59.982336+00:00 Debian Importer Fixing VCID-37ny-vqaj-y3bd https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:20:59.938715+00:00 Debian Importer Fixing VCID-uenw-ftgk-b3dh https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:20:59.896058+00:00 Debian Importer Fixing VCID-6pet-6dms-e3g9 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:20:59.852331+00:00 Debian Importer Fixing VCID-v3mz-rgh2-mfad https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-06T19:20:59.800415+00:00 Debian Importer Fixing VCID-bte8-ec31-e7hu https://security-tracker.debian.org/tracker/data/json 38.6.0