FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

traefik -- Bypassing IP allow-lists via HTTP/3 early data requests

Affected packages
traefik < 2.11.6

Details

VuXML ID: 767dfb2d-3c9e-11ef-a829-5404a68ad561
Discovery: 2024-07-02
Entry: 2024-07-07

The traefik authors report:

There is a vulnerability in Traefik that allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses.

References

CVE Name: CVE-2024-39321
URL: https://github.com/traefik/traefik/security/advisories/GHSA-gxrv-wf35-62w9