7 matches found
GHSA-92MV-8F8W-WQ52 traefik CVE-2024-45410 fix bypass: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`)
Impact There is a potential vulnerability in Traefik managing the Connection header with X-Forwarded headers. When Traefik processes HTTP/1.1 requests, the protection put in place to prevent the removal of Traefik-managed X-Forwarded headers such as X-Real-Ip, X-Forwarded-Host, X-Forwarded-Port,...
traefik CVE-2024-45410 fix bypass: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`)
Impact There is a potential vulnerability in Traefik managing the Connection header with X-Forwarded headers. When Traefik processes HTTP/1.1 requests, the protection put in place to prevent the removal of Traefik-managed X-Forwarded headers such as X-Real-Ip, X-Forwarded-Host, X-Forwarded-Port,...
traefik2-2.11.10-1.1 on GA media (moderate)
traefik2-2.11.10-1.1 on GA media Announcement ID: openSUSE-SU-2024:14367-1 Rating: moderate Cross-References: CVE-2024-45410 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
traefik-3.1.4-1.1 on GA media (moderate)
traefik-3.1.4-1.1 on GA media Announcement ID: openSUSE-SU-2024:14365-1 Rating: moderate Cross-References: CVE-2024-45410 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the traefik-3.1.4-1.1...
CVE-2024-45410 HTTP client can remove the X-Forwarded headers in Traefik
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modif...
CVE-2024-45410 HTTP client can remove the X-Forwarded headers in Traefik
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modif...
CVE-2024-45410
Traefik vulnerability CVE-2024-45410 involves hop-by-hop header handling where X-Forwarded-Host/X-Forwarded-Port (and related headers) could be modified by a client in HTTP/1.1, enabling header manipulation that trusted backend apps may rely on for security decisions. The issue arises from how Tr...