Lucene search

K
githubGitHub Advisory DatabaseGHSA-F7CQ-5V43-8PWP
HistoryMay 23, 2024 - 3:19 p.m.

Traefik vulnerable to GO issue allowing malformed DNS message to cause infinite loop

2024-05-2315:19:41
CWE-1395
GitHub Advisory Database
github.com
2
traefik
vulnerability
go
infinite loop
malformed dns
denial of service
cve-2024-24788
patch
release
v2.11.3
v3.0.1
advisory

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

Impact

There is a vulnerability in GO managing malformed DNS message, which impacts Traefik.
This vulnerability could be exploited to cause a denial of service.

References

Patches

Workarounds

No workaround.

For more information

If you have any questions or comments about this advisory, please open an issue.

Affected configurations

Vulners
Node
github_advisory_databasegithub.com\/traefik\/traefikRange1.7.34
OR
github_advisory_databasegithub.com\/traefik\/traefik\/v3Range<3.0.1
OR
github_advisory_databasegithub.com\/traefik\/traefik\/v2Range<2.11.3

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%