HAProxy contains a flaw that may allow a remote denial of service. The issue is due to an uninitialized field in the struct session. This can conceivably be triggered when a session is freed (e.g., an attacker could create numerous sessions to increase the chance of crash), and may result in loss of availability for the service.
Remote / Network Access
Loss of Availability
Upgrade to version 18.104.22.168 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.