Articles in category
CVE
October 2025 – CVE-2025-59303: secret leak in HAProxy Kubernetes Ingress Controller
Upgrade to the lastest version of HAProxy Kubernetes Ingress Controller (KIC) to address a vulnerability allowing privilege escalation. Learn about affected versions, remediation, and workarounds.
October 2025 – CVE-2025-11230: denial of service vulnerability in HAProxy mjson library
The latest versions of HAProxy Community and Enterprise have patches for a critical denial of service vulnerability in the mjson library.
HAProxy Enterprise WAF protects against Microsoft SharePoint CVE-2025-53770 / CVE-2025-53771
CVE-2025-53770 and CVE-2025-53771 are currently being exploited in the wild. However, users of HAProxy Enterprise WAF are protected automatically.
Protecting against SAP NetWeaver vulnerability (CVE-2025-31324) with HAProxy
Mitigate SAP NetWeaver CVE-2025-31324 with HAProxy. Learn how to block unauthenticated file uploads and protect your systems from severe risk.
January 2025 – Multiple rsync CVEs impacting memory and file handling in Linux virtual images
The latest versions of HAProxy Fusion fix multiple rsync vulnerabilities related to memory handling and file management in HAProxy Fusion’s Linux-based virtual images. We will cover these CVEs here.