GHSA-7f4j-64p6-5h5v

Source

https://github.com/advisories/GHSA-7f4j-64p6-5h5v

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/04/GHSA-7f4j-64p6-5h5v/GHSA-7f4j-64p6-5h5v.json

Published

2024-04-15T18:14:51Z

Modified

2024-04-15T18:14:51Z

Details

There is a potential vulnerability in Traefik managing HTTP/2 connections.

More details in the CVE-2023-45288.

Patches

https://github.com/traefik/traefik/releases/tag/v2.11.2
https://github.com/traefik/traefik/releases/tag/v3.0.0-rc5

Workarounds

No workaround

For more information

If you have any questions or comments about this advisory, please open an issue.

References

Affected packages

Go / github.com/traefik/traefik/v2

Package

Name: github.com/traefik/traefik/v2

Affected ranges

Type: SEMVER
Events: Introduced

0The exact introduced commit is unknown

Fixed

2.11.2

Go / github.com/traefik/traefik/v3

Package

Name: github.com/traefik/traefik/v3

Affected ranges

Type: SEMVER
Events: Introduced

3.0.0-rc1

Fixed

3.0.0-rc5