Vulnerability Database

317,828

Total vulnerabilities in the database

CVE-2019-11323

HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error.

Published: May 9, 2019
Updated: Nov 9, 2025
CVE: CVE-2019-11323
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.9
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-327
CWE-908

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
haproxy / haproxy	1.9.2	1.9.7

http://git.haproxy.org/?p=haproxy.git;a=commit;h=8ef706502aa2000531d36e4ac56dbdc7c30f718d
http://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=8ef706502aa2000531d36e4ac56dbdc7c30f718d
https://www.mail-archive.com/haproxy@formilux.org/msg33410.html
https://www.mail-archive.com/haproxy%40formilux.org/msg33410.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo