Tag

Haproxy

2 briefs RSS

CVE-2026-55204: HAProxy Null Pointer Dereference Leads to Denial of Service

An unauthenticated attacker can exploit CVE-2026-55204, a null pointer dereference vulnerability in HAProxy through version 3.4.0, by triggering excessive HPACK dynamic table insertions under memory pressure, causing HAProxy worker processes to crash and resulting in a denial of service.

HAProxy 3.4.0 denial-of-service vulnerability HAProxy CVE-2026-55204

2r 1t 2d ago

high advisory

CVE-2026-55203 HAProxy Integer Overflow in FastCGI Handling

2 rules 3 TTPs

An integer overflow vulnerability (CVE-2026-55203) in HAProxy through version 3.4.0 allows malicious FastCGI backends to desynchronize the FCGI framing parser, leading to request routing errors, response smuggling, or memory safety issues.

HAProxy vulnerability fastcgi integer-overflow webserver proxy

2r 3t 2d ago