
756 matches found

OSV
added 2022/12/08 9:46 p.m. · 22 views

CVE-2022-46153 Routes exposed with an empty TLSOption in traefik

Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...

CVSS 8.1 · AI score 6.5 · EPSS 0.00488
Exploits 0 · References 6

AlpineLinux
added 2022/12/08 9:46 p.m. · 47 views

CVE-2022-46153

Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...

CVSS 8.1 · AI score 7.1 · EPSS 0.00488
Exploits 0

OSV
added 2022/12/08 9:33 p.m. · 17 views

CVE-2022-23469 Authorization header displayed in the debug logs

Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the Authorization header in its debug logs. In certain cases, if the log level is set to DEBUG, credentials provided using the Authorization heade...

CVSS 3.5 · AI score 6.6 · EPSS 0.00977
Exploits 1 · References 5

CVE
added 2022/12/08 9:33 p.m. · 132 views

CVE-2022-23469

Traefik (open source HTTP reverse proxy/load balancer) prior to version 2.9.6 is vulnerable to leaking credentials via the Authorization header in debug logs. The issue arises when log level is DEBUG, causing credentials sent in Authorization headers to be written to logs. Remediation per the sou...

CVSS 6.5 · AI score 5.2 · EPSS 0.00977
Exploits 1 · References 3 · Affected Software 1

OSV
added 2022/12/07 11:23 p.m. · 19 views

GHSA-F44Q-634C-JVWV libp2p DoS vulnerability from lack of resource management

Impact Versions older than v0.38.0 of js-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory, ultimately leading to the process getting killed ...

CVSS 7.5 · AI score 7.4 · EPSS 0.00689
Exploits 0 · References 3

Positive Technologies
added 2022/12/07 12:0 a.m. · 4 views

PT-2022-16021 · Js-Libp2P · Js-Libp2P

Name of the Vulnerable Software and Affected Versions: js-libp2p versions prior to v0.38.0 Description: The issue concerns targeted resource exhaustion attacks that affect libp2p's connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory,...

CVSS 7.5 · AI score 7.4 · EPSS 0.00689
Exploits 0 · References 8

RedHat Linux
added 2022/11/15 11:55 a.m. · 0 views

kernel: gso: do not skip outer ip header in case of ipip and net_failover

In the Linux kernel, the following vulnerability has been resolved: gso: do not skip outer ip header in case of ipip and net_failover We encounter a tcp drop issue in our cloud environment. Packet GROed in host forwards to a VM virtio_net nic with net_failover enabled. VM acts as an IPVS LB with ipip...

AI score 6.1
Exploits 0 · References 5

Citrix
added 2022/10/26 12:0 a.m. · 5 views

http request is blocked by http callout policy with blank web page

If the customer binds a responder policy that refers to an HTTP callout policy to the ADC appliance global bind point, the user's access to the LB virtual server will show a blank page...

AI score 7
Exploits 0

CVE
added 2022/10/11 12:0 a.m. · 109 views

CVE-2022-39271

CVE-2022-39271 affects Traefik, a modern HTTP reverse proxy/load balancer. The vulnerability lies in HTTP/2 connection handling where closing an HTTP/2 server connection could hang due to a subsequent fatal error, potentially enabling a denial-of-service condition. A patch has been released in Tr...

CVSS 7.5 · AI score 7.3 · EPSS 0.01016
Exploits 0 · References 3 · Affected Software 1

Citrix
added 2022/08/17 12:0 a.m. · 8 views

Launching ICA file failure in ICA proxy deployment integrated with Sangfor LB

Launching ICA file failure in ICA proxy deployment integrated with Sangfor LB...

AI score 7.1
Exploits 0

Virtuozzo
added 2022/08/15 12:0 a.m. · 19 views

Virtuozzo Hybrid Infrastructure 5.2 (5.2.0-135)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that enhance compute services, the cluster management and upgrade process, monitoring and alerts, the user interface, and the documentation. Additionally, this release delivers stability improvements and addresses...

AI score 0.5
Exploits 0

CNNVD
added 2022/08/03 12:0 a.m. · 4 views

F5 BIG-IP Buffer Error Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM ClientSSL profile, which stems from the vulnerability when the...

CVSS 7.5 · AI score 5.8 · EPSS 0.00444
Exploits 0 · References 4

OpenVAS
added 2022/07/31 12:0 a.m. · 6 views

Fedora: Security Advisory for golang-github-facebookincubator-dhcplb (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits 0 · References 2

Fedora
added 2022/07/30 1:57 a.m. · 17 views

[SECURITY] Fedora 36 Update: golang-github-facebookincubator-dhcplb-0-0.5.20210706git2e66b27.fc36

Dhcplb is Facebook's implementation of a load balancer for DHCP...

AI score 1.8
Exploits 0

Laminas
added 2022/07/25 9:35 p.m. · 51 views

HTTP Host Header Attack Vulnerabilities

The package laminas/laminas-diactoros Diactoros is a PSR-7 HTTP Message and PSR-17 HTTP Message Factory implementation, providing HTTP request and response message representations both for making HTTP client requests and responding to HTTP requests server-side. When responding to an incoming...

AI score 6.3
Exploits 0 · References 3 · Affected Software 2

OpenVAS
added 2022/07/18 12:0 a.m. · 25 views

Fedora: Security Advisory for golang-github-hashicorp-serf (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.3 · AI score 8.9 · EPSS 0.05994
Exploits 4 · References 2

Fedora
added 2022/07/17 1:15 a.m. · 25 views

[SECURITY] Fedora 35 Update: golang-github-hashicorp-serf-0.9.5-5.fc35

Serf is a decentralized solution for service discovery and orchestration that is lightweight, highly available, and fault tolerant. Serf runs on Linux, Mac OS X, and Windows. An efficient and lightweight gossip protocol is used to communicate with other nodes. Serf can detect node failures and...

CVSS 9.3 · AI score 8 · EPSS 0.05994
Exploits 4

Fedora
added 2022/07/17 1:15 a.m. · 24 views

[SECURITY] Fedora 35 Update: golang-github-facebookincubator-dhcplb-0-0.4.20210706git2e66b27.fc35

Dhcplb is Facebook's implementation of a load balancer for DHCP...

CVSS 9.3 · AI score 1.8 · EPSS 0.05994
Exploits 3

Spring Security Advisories
added 2022/07/12 11:0 a.m. · 19 views

This Week in Spring - July 12th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you? This week I'm writing you from sunny Seattle, Washington, where we're having our next installment of the SpringOne Tour series. It's been a ton of fun seeing all these fun and friendly faces again and getting to see...

AI score 0.3
Exploits 0

Rapid7 Blog
added 2022/06/07 3:24 p.m. · 22 views

Identifying Cloud Waste to Contain Unnecessary Costs

Cloud adoption has exploded over the past decade or so, and for good reason. Many digital transformation advancements – and even the complete reimagination of entire industries – can be directly mapped and attributed to cloud innovation. While this rapid pace of innovation has had a profound impa...

Exploits 0