CVE-2025-11230

Unknown Unknown - Not Provided

BaseFortify

Publication date: 2025-11-19

Last updated on: 2025-12-19

Assigner: Canonical Ltd.

Description

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2025-11-19

Last Modified

2025-12-19

Generated

2026-05-07

AI Q&A

2025-11-19

EPSS Evaluated

2026-05-05

NVD

CVE-2025-11230

EUVD

EUVD-2025-198149

Affected Vendors & Products

Vendor	Product	Version / Range
haproxy	aloha_appliance	From 14.5.0 (inc) to 14.5.33 (exc)
haproxy	aloha_appliance	From 15.5.0 (inc) to 15.5.28 (exc)
haproxy	aloha_appliance	From 16.5.0 (inc) to 16.5.19 (exc)
haproxy	aloha_appliance	From 17.0.0 (inc) to 17.0.7 (exc)
haproxy	haproxy	From 2.4.0 (inc) to 2.4.30 (exc)
haproxy	haproxy	From 2.6.0 (inc) to 2.6.23 (exc)
haproxy	haproxy	From 2.8.0 (inc) to 2.8.16 (exc)
haproxy	haproxy	From 3.0.0 (inc) to 3.0.12 (exc)
haproxy	haproxy	From 3.1.0 (inc) to 3.1.9 (exc)
haproxy	haproxy	From 3.2.0 (inc) to 3.2.6 (exc)
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.4r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.6r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	2.8r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.0r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	haproxy_enterprise	3.1r1
haproxy	kubernetes_ingress_controller	to 1.9.14-ee7 (exc)
haproxy	kubernetes_ingress_controller	to 3.1.12 (exc)
haproxy	kubernetes_ingress_controller	From 1.10.10-ee1 (inc) to 1.11.12-ee10 (exc)
haproxy	kubernetes_ingress_controller	From 3.0.0-ee1 (inc) to 3.0.15-ee4 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-407	An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

Attack-Flow Graph

AI Powered Q&A

How can this vulnerability impact me? :

The impact of this vulnerability is a denial of service condition, where an attacker can remotely cause the HAProxy service to become unavailable or unresponsive by sending specially crafted JSON requests.

Can you explain this vulnerability to me?

This vulnerability is caused by an inefficient algorithm complexity in the mjson component of HAProxy. It allows remote attackers to send specially crafted JSON requests that can cause a denial of service (DoS) by overwhelming the system.

How can this vulnerability impact me? :

The vulnerability can impact you by allowing remote attackers to cause a denial of service, making the affected HAProxy service unavailable or unresponsive.

Can you explain this vulnerability to me?

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2025-11230

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Powered Q&A

Ask Our AI Assistant

EPSS Chart