Описание
Traefik vulnerable to GO issue allowing malformed DNS message to cause infinite loop
Impact
There is a vulnerability in GO managing malformed DNS message, which impacts Traefik. This vulnerability could be exploited to cause a denial of service.
References
Patches
- https://github.com/traefik/traefik/releases/tag/v2.11.3
- https://github.com/traefik/traefik/releases/tag/v3.0.1
Workarounds
No workaround.
For more information
If you have any questions or comments about this advisory, please open an issue.
Пакеты
Наименование
github.com/traefik/traefik/v2
go
Затронутые версииВерсия исправления
< 2.11.3
2.11.3
Наименование
github.com/traefik/traefik/v3
go
Затронутые версииВерсия исправления
< 3.0.1
3.0.1
Наименование
github.com/traefik/traefik
go
Затронутые версииВерсия исправления
<= 1.7.34
Отсутствует
5.3 Medium
CVSS3
Дефекты
CWE-1395
5.3 Medium
CVSS3
Дефекты
CWE-1395