Haproxy · Haproxy · CVE-2025-32464
Name of the Vulnerable Software and Affected Versions:
HAProxy versions 2.2 through 3.1.6
Description:
The issue is related to a heap-based buffer overflow in certain uncommon configurations due to the mishandling of the replacement of multiple short patterns with a longer one. This occurs in the sample conv regsub function.
Recommendations:
For HAProxy versions 2.2 through 3.1.6, consider updating to a version that includes a fix for the sample conv regsub heap-based buffer overflow issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.