CVE-2025-11230
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-11230, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-11-19

Last updated on: 2025-12-19

Assigner: Canonical Ltd.

Description

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-11-19
Last Modified
2025-12-19
Generated
2026-07-06
AI Q&A
2025-11-19
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 200 associated CPEs
Vendor Product Version / Range
haproxy aloha_appliance From 14.5.0 (inc) to 14.5.33 (exc)
haproxy aloha_appliance From 15.5.0 (inc) to 15.5.28 (exc)
haproxy aloha_appliance From 16.5.0 (inc) to 16.5.19 (exc)
haproxy aloha_appliance From 17.0.0 (inc) to 17.0.7 (exc)
haproxy haproxy From 2.4.0 (inc) to 2.4.30 (exc)
haproxy haproxy From 2.6.0 (inc) to 2.6.23 (exc)
haproxy haproxy From 2.8.0 (inc) to 2.8.16 (exc)
haproxy haproxy From 3.0.0 (inc) to 3.0.12 (exc)
haproxy haproxy From 3.1.0 (inc) to 3.1.9 (exc)
haproxy haproxy From 3.2.0 (inc) to 3.2.6 (exc)
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy kubernetes_ingress_controller to 1.9.14-ee7 (exc)
haproxy kubernetes_ingress_controller to 3.1.12 (exc)
haproxy kubernetes_ingress_controller From 1.10.10-ee1 (inc) to 1.11.12-ee10 (exc)
haproxy kubernetes_ingress_controller From 3.0.0-ee1 (inc) to 3.0.15-ee4 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-407 An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Impact Analysis

The impact of this vulnerability is a denial of service condition, where an attacker can remotely cause the HAProxy service to become unavailable or unresponsive by sending specially crafted JSON requests.

Executive Summary

This vulnerability is caused by an inefficient algorithm complexity in the mjson component of HAProxy. It allows remote attackers to send specially crafted JSON requests that can cause a denial of service (DoS) by overwhelming the system.

Impact Analysis

The vulnerability can impact you by allowing remote attackers to cause a denial of service, making the affected HAProxy service unavailable or unresponsive.

Executive Summary

This vulnerability is caused by an inefficient algorithm complexity in the mjson component of HAProxy. It allows remote attackers to send specially crafted JSON requests that can cause a denial of service (DoS) by overwhelming the system.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11230. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart