A flaw was discovered in the way HAProxy, a fast and reliable load balancing reverse proxy, processes HTTP responses containing the Set-Cookie2 header, which can result in an unbounded loop, causing a denial of service.