FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

traefik -- Resource exhaustion by malicious HTTP/2 client

Affected packages
traefik < 2.10.5

Details

VuXML ID 7a1b2624-6a89-11ee-af06-5404a68ad561
Discovery 2023-10-10
Entry 2023-10-14

The traefik authors report:

There is a vulnerability in GO managing HTTP/2 requests, which impacts Traefik. This vulnerability could be exploited to cause a denial of service.

[source]

References

CVE Name CVE-2023-39325
CVE Name CVE-2023-44487
URL https://github.com/traefik/traefik/security/advisories/GHSA-7v4p-328v-8v5g

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.