HCE3-SA-2025-0057 Important HCE 3.0 Security Fix(es): HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024. (CVE-2024-45506) Inconsistent interpretation of HTTP requests (_x27;HTTP Request/Response Smuggling_x27;) issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL (Access Control List) set on the product. As a result, the attacker may obtain sensitive information. (CVE-2024-53008) HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one. (CVE-2025-32464) QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality. (CVE-2024-49214) HCE 3.0 haproxy-2.9.5-7.r5.hce3.x86_64.rpm haproxy-help-2.9.5-7.r5.hce3.noarch.rpm haproxy-2.9.5-7.r5.hce3.aarch64.rpm