Launchpad.net

CVE 2023-0056

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.

Related bugs and status

CVE-2023-0056 (Candidate) is related to these bugs:

Bug #2009334: [Debian] CVE: CVE-2023-25725: haproxy : may allow a bypass of access control

Summary				In	Importance	Status
	2009334	[Debian] CVE: CVE-2023-25725: haproxy : may allow a bypass of access control		StarlingX	High	Fix Released

Bug #2012557: [MRE] haproxy

		In	Importance	Status
2012557	[MRE] haproxy	haproxy (Ubuntu)	Undecided	Invalid
2012557	[MRE] haproxy	haproxy (Ubuntu Kinetic)	Undecided	Fix Released
2012557	[MRE] haproxy	haproxy (Ubuntu Focal)	Undecided	Fix Released
2012557	[MRE] haproxy	haproxy (Ubuntu Jammy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://access.redhat....