CNNVD-202511-2235 Information

CNNVD ID

CNNVD-202511-2235

Related CVE

CVE-2025-11230

• CNNVD Published: 2025-11-19

Description (Chinese)

HAProxy是法国HAProxy公司的一款开源的TCP/HTTP负载均衡服务器。该服务器提供4层、7层代理，并能支持上万级别的连接，具有高效、稳定等特点。 HAProxy存在安全漏洞，该漏洞源于mjson中算法复杂度低效，可能导致拒绝服务攻击。

Description (English)

HAProxy is an open source TCP/HTTP load equilibrium server for HAProxy, France. The server provides four- and seven-storey agents and supports tens of thousands of levels of connectivity, which are efficient and stable. HAProxy had a security loophole, which stemmed from the inefficiency of the mjson medium algorithm, which could lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

HAProxy

Published

2025-11-19

Last Modified

2026-02-24

References

https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-11230

Patch

https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability