Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-11230
Analyzed
More InfoOfficial Page
Source-security@ubuntu.com
View Known Exploited Vulnerability (KEV) details
Published At-19 Nov, 2025 | 10:15
Updated At-19 Dec, 2025 | 16:44

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
haproxy
haproxy
>>aloha_appliance>>Versions from 14.5.0(inclusive) to 14.5.33(exclusive)
cpe:2.3:a:haproxy:aloha_appliance:*:*:*:*:*:*:*:*
haproxy
haproxy
>>aloha_appliance>>Versions from 15.5.0(inclusive) to 15.5.28(exclusive)
cpe:2.3:a:haproxy:aloha_appliance:*:*:*:*:*:*:*:*
haproxy
haproxy
>>aloha_appliance>>Versions from 16.5.0(inclusive) to 16.5.19(exclusive)
cpe:2.3:a:haproxy:aloha_appliance:*:*:*:*:*:*:*:*
haproxy
haproxy
>>aloha_appliance>>Versions from 17.0.0(inclusive) to 17.0.7(exclusive)
cpe:2.3:a:haproxy:aloha_appliance:*:*:*:*:*:*:*:*
haproxy
haproxy
>>haproxy>>Versions from 2.4.0(inclusive) to 2.4.30(exclusive)
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
haproxy
haproxy
>>haproxy>>Versions from 2.6.0(inclusive) to 2.6.23(exclusive)
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
haproxy
haproxy
>>haproxy>>Versions from 2.8.0(inclusive) to 2.8.16(exclusive)
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
haproxy
haproxy
>>haproxy>>Versions from 3.0.0(inclusive) to 3.0.12(exclusive)
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
haproxy
haproxy
>>haproxy>>Versions from 3.1.0(inclusive) to 3.1.9(exclusive)
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
haproxy
haproxy
>>haproxy>>Versions from 3.2.0(inclusive) to 3.2.6(exclusive)
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-253.271:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-254.271:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-259.342:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-263.343:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-264.356:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.356:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.373:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.459:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.464:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.477:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.499:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.553:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.560:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.564:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-268.596:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-269.596:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-269.599:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-270.616:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-271.673:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-271.677:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-272.683:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-272.686:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-272.728:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-274.752:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-276.752:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-277.814:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-277.831:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-278.838:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-279.852:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-279.859:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-279.877:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-279.911:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-279.940:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-279.952:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-279.953:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-279.956:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-280.956:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-282.998:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-282.999:*:*:*:*:*:*
haproxy
haproxy
>>haproxy_enterprise>>2.4r1
cpe:2.3:a:haproxy:haproxy_enterprise:2.4r1:1.0.0-284.999:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-407Secondarysecurity@ubuntu.com
CWE ID: CWE-407
Type: Secondary
Source: security@ubuntu.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerabilitysecurity@ubuntu.com
Vendor Advisory
Hyperlink: https://www.haproxy.com/blog/october-2025-cve-2025-11230-haproxy-mjson-library-denial-of-service-vulnerability
Source: security@ubuntu.com
Resource:
Vendor Advisory
Change History
0Changes found
Details not found