Nixpkgs security tracker

Untriaged

Permalink CVE-2026-33555

4.0 MEDIUM

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 22 hours ago

An issue was discovered in HAProxy before 3.3.6. The HTTP/3 …

An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be used for request smuggling. The earliest affected version is 2.6.

References

Affected products

HAProxy

<3.3.6

Matching in nixpkgs

pkgs.haproxy

Reliable, high performance TCP/HTTP load balancer

nixos-unstable 3.3.6
- nixpkgs-unstable 3.3.6
- nixos-unstable-small 3.3.6
nixos-25.11 3.2.9
- nixos-25.11-small 3.2.9
- nixpkgs-25.11-darwin 3.2.9

pkgs.prometheus-haproxy-exporter

HAProxy Exporter for the Prometheus monitoring system

nixos-unstable 0.15.0
- nixpkgs-unstable 0.15.0
- nixos-unstable-small 0.15.0
nixos-25.11 0.15.0
- nixos-25.11-small 0.15.0
- nixpkgs-25.11-darwin 0.15.0

pkgs.haskellPackages.io-streams-haproxy

HAProxy protocol 1.5 support for io-streams

nixos-unstable 1.0.1.0
- nixpkgs-unstable 1.0.1.0
- nixos-unstable-small 1.0.1.0
nixos-25.11 1.0.1.0
- nixos-25.11-small 1.0.1.0
- nixpkgs-25.11-darwin 1.0.1.0

Package maintainers

@vifino Adrian Pistol <vifino@tty.sh>
@benley Benjamin Staffin <benley@gmail.com>