CVE-2025-11230
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-19

Last updated on: 2025-12-19

Assigner: Canonical Ltd.

Description
Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-19
Last Modified
2025-12-19
Generated
2026-06-16
AI Q&A
2025-11-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-11230
EUVD
EUVD-2025-198149
Affected Vendors & Products
Showing 200 associated CPEs
Vendor Product Version / Range
haproxy aloha_appliance From 14.5.0 (inc) to 14.5.33 (exc)
haproxy aloha_appliance From 15.5.0 (inc) to 15.5.28 (exc)
haproxy aloha_appliance From 16.5.0 (inc) to 16.5.19 (exc)
haproxy aloha_appliance From 17.0.0 (inc) to 17.0.7 (exc)
haproxy haproxy From 2.4.0 (inc) to 2.4.30 (exc)
haproxy haproxy From 2.6.0 (inc) to 2.6.23 (exc)
haproxy haproxy From 2.8.0 (inc) to 2.8.16 (exc)
haproxy haproxy From 3.0.0 (inc) to 3.0.12 (exc)
haproxy haproxy From 3.1.0 (inc) to 3.1.9 (exc)
haproxy haproxy From 3.2.0 (inc) to 3.2.6 (exc)
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.4r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.6r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 2.8r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.0r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy haproxy_enterprise 3.1r1
haproxy kubernetes_ingress_controller to 1.9.14-ee7 (exc)
haproxy kubernetes_ingress_controller to 3.1.12 (exc)
haproxy kubernetes_ingress_controller From 1.10.10-ee1 (inc) to 1.11.12-ee10 (exc)
haproxy kubernetes_ingress_controller From 3.0.0-ee1 (inc) to 3.0.15-ee4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-407 An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

The impact of this vulnerability is a denial of service condition, where an attacker can remotely cause the HAProxy service to become unavailable or unresponsive by sending specially crafted JSON requests.

Executive Summary

This vulnerability is caused by an inefficient algorithm complexity in the mjson component of HAProxy. It allows remote attackers to send specially crafted JSON requests that can cause a denial of service (DoS) by overwhelming the system.

Impact Analysis

The vulnerability can impact you by allowing remote attackers to cause a denial of service, making the affected HAProxy service unavailable or unresponsive.

Executive Summary

This vulnerability is caused by an inefficient algorithm complexity in the mjson component of HAProxy. It allows remote attackers to send specially crafted JSON requests that can cause a denial of service (DoS) by overwhelming the system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11230. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart