haproxytech/haproxy-alpine:2.6.12

Base OS: alpine 3.17.3 95 vulnerabilities fixed

Patched Image

quay.io/verity/haproxytech/haproxy-alpine:2.6.12-patched

Supply Chain

Signed SLSA L3 SBOM Rekor

Verify this artifact

Cosign signature

cosign verify \
  --certificate-identity-regexp "https://github.com/descope/verity/.github/workflows/" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  quay.io/verity/haproxytech/haproxy-alpine:2.6.12-patched

Build provenance

gh attestation verify \
  oci://quay.io/verity/haproxytech/haproxy-alpine:2.6.12-patched \
  --owner descope

Pre-patch scan

Found 95 vulnerabilit ies in the original image. 95 fixed by Copa.

3CRITICAL14HIGH69MEDIUM9LOW

Vulnerability details

ID	Package	Installed	Fixed	Severity
CVE-2025-15467	libcrypto3	3.0.8-r3	3.0.19-r0	CRITICAL
CVE-2025-15467	libssl3	3.0.8-r3	3.0.19-r0	CRITICAL
CVE-2025-15467	openssl	3.0.8-r3	3.0.19-r0	CRITICAL
CVE-2023-5363	libcrypto3	3.0.8-r3	3.0.12-r0	HIGH
CVE-2024-6119	libcrypto3	3.0.8-r3	3.0.15-r0	HIGH
CVE-2025-69419	libcrypto3	3.0.8-r3	3.0.19-r0	HIGH
CVE-2025-69421	libcrypto3	3.0.8-r3	3.0.19-r0	HIGH
CVE-2023-5363	libssl3	3.0.8-r3	3.0.12-r0	HIGH
CVE-2024-6119	libssl3	3.0.8-r3	3.0.15-r0	HIGH
CVE-2025-69419	libssl3	3.0.8-r3	3.0.19-r0	HIGH
CVE-2025-69421	libssl3	3.0.8-r3	3.0.19-r0	HIGH
CVE-2025-26519	musl	1.2.3-r4	1.2.3-r6	HIGH
CVE-2025-26519	musl-utils	1.2.3-r4	1.2.3-r6	HIGH
CVE-2023-5363	openssl	3.0.8-r3	3.0.12-r0	HIGH
CVE-2024-6119	openssl	3.0.8-r3	3.0.15-r0	HIGH
CVE-2025-69419	openssl	3.0.8-r3	3.0.19-r0	HIGH
CVE-2025-69421	openssl	3.0.8-r3	3.0.19-r0	HIGH
CVE-2023-42363	busybox	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42364	busybox	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42365	busybox	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42366	busybox	1.35.0-r29	1.35.0-r30	MEDIUM
CVE-2023-42363	busybox-binsh	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42364	busybox-binsh	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42365	busybox-binsh	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42366	busybox-binsh	1.35.0-r29	1.35.0-r30	MEDIUM
CVE-2023-1255	libcrypto3	3.0.8-r3	3.0.8-r4	MEDIUM
CVE-2023-2650	libcrypto3	3.0.8-r3	3.0.9-r0	MEDIUM
CVE-2023-2975	libcrypto3	3.0.8-r3	3.0.9-r2	MEDIUM
CVE-2023-3446	libcrypto3	3.0.8-r3	3.0.9-r3	MEDIUM
CVE-2023-3817	libcrypto3	3.0.8-r3	3.0.10-r0	MEDIUM
CVE-2023-5678	libcrypto3	3.0.8-r3	3.0.12-r1	MEDIUM
CVE-2023-6129	libcrypto3	3.0.8-r3	3.0.12-r2	MEDIUM
CVE-2023-6237	libcrypto3	3.0.8-r3	3.0.12-r3	MEDIUM
CVE-2024-0727	libcrypto3	3.0.8-r3	3.0.12-r4	MEDIUM
CVE-2024-13176	libcrypto3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2024-4603	libcrypto3	3.0.8-r3	3.0.13-r0	MEDIUM
CVE-2024-4741	libcrypto3	3.0.8-r3	3.0.14-r0	MEDIUM
CVE-2024-5535	libcrypto3	3.0.8-r3	3.0.14-r0	MEDIUM
CVE-2025-68160	libcrypto3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-69418	libcrypto3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-69420	libcrypto3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-9230	libcrypto3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2026-22795	libcrypto3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2026-22796	libcrypto3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2023-1255	libssl3	3.0.8-r3	3.0.8-r4	MEDIUM
CVE-2023-2650	libssl3	3.0.8-r3	3.0.9-r0	MEDIUM
CVE-2023-2975	libssl3	3.0.8-r3	3.0.9-r2	MEDIUM
CVE-2023-3446	libssl3	3.0.8-r3	3.0.9-r3	MEDIUM
CVE-2023-3817	libssl3	3.0.8-r3	3.0.10-r0	MEDIUM
CVE-2023-5678	libssl3	3.0.8-r3	3.0.12-r1	MEDIUM
CVE-2023-6129	libssl3	3.0.8-r3	3.0.12-r2	MEDIUM
CVE-2023-6237	libssl3	3.0.8-r3	3.0.12-r3	MEDIUM
CVE-2024-0727	libssl3	3.0.8-r3	3.0.12-r4	MEDIUM
CVE-2024-13176	libssl3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2024-4603	libssl3	3.0.8-r3	3.0.13-r0	MEDIUM
CVE-2024-4741	libssl3	3.0.8-r3	3.0.14-r0	MEDIUM
CVE-2024-5535	libssl3	3.0.8-r3	3.0.14-r0	MEDIUM
CVE-2025-68160	libssl3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-69418	libssl3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-69420	libssl3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-9230	libssl3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2026-22795	libssl3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2026-22796	libssl3	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2023-1255	openssl	3.0.8-r3	3.0.8-r4	MEDIUM
CVE-2023-2650	openssl	3.0.8-r3	3.0.9-r0	MEDIUM
CVE-2023-2975	openssl	3.0.8-r3	3.0.9-r2	MEDIUM
CVE-2023-3446	openssl	3.0.8-r3	3.0.9-r3	MEDIUM
CVE-2023-3817	openssl	3.0.8-r3	3.0.10-r0	MEDIUM
CVE-2023-5678	openssl	3.0.8-r3	3.0.12-r1	MEDIUM
CVE-2023-6129	openssl	3.0.8-r3	3.0.12-r2	MEDIUM
CVE-2023-6237	openssl	3.0.8-r3	3.0.12-r3	MEDIUM
CVE-2024-0727	openssl	3.0.8-r3	3.0.12-r4	MEDIUM
CVE-2024-13176	openssl	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2024-4603	openssl	3.0.8-r3	3.0.13-r0	MEDIUM
CVE-2024-4741	openssl	3.0.8-r3	3.0.14-r0	MEDIUM
CVE-2024-5535	openssl	3.0.8-r3	3.0.14-r0	MEDIUM
CVE-2025-68160	openssl	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-69418	openssl	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-69420	openssl	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2025-9230	openssl	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2026-22795	openssl	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2026-22796	openssl	3.0.8-r3	3.0.19-r0	MEDIUM
CVE-2023-42363	ssl_client	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42364	ssl_client	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42365	ssl_client	1.35.0-r29	1.35.0-r31	MEDIUM
CVE-2023-42366	ssl_client	1.35.0-r29	1.35.0-r30	MEDIUM
CVE-2024-2511	libcrypto3	3.0.8-r3	3.0.12-r5	LOW
CVE-2024-9143	libcrypto3	3.0.8-r3	3.0.15-r1	LOW
CVE-2025-9232	libcrypto3	3.0.8-r3	3.0.19-r0	LOW
CVE-2024-2511	libssl3	3.0.8-r3	3.0.12-r5	LOW
CVE-2024-9143	libssl3	3.0.8-r3	3.0.15-r1	LOW
CVE-2025-9232	libssl3	3.0.8-r3	3.0.19-r0	LOW
CVE-2024-2511	openssl	3.0.8-r3	3.0.12-r5	LOW
CVE-2024-9143	openssl	3.0.8-r3	3.0.15-r1	LOW
CVE-2025-9232	openssl	3.0.8-r3	3.0.19-r0	LOW

Original image reference

haproxytech/haproxy-alpine:2.6.12