Lucene search
Veracode Vulnerability DatabaseVERACODE:37535HistoryOct 12, 2022 - 1:04 p.m.
Denial Of Service (DoS)
2022-10-1213:04:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
denial of service
github
traefik
http/2
vulnerability
application crash
software
0.001 Low
EPSS
Percentile
36.5%
github.com/traefik/traefik is vulnerable to denial of service. The vulnerability exists during the closing of HTTP/2 connections which could hang forever because of a subsequent fatal error resulting in an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/traefik/traefik | le | v2.8.7 | |
| github.com/traefik/traefik | le | v2.8.7 |
References
github.com/traefik/traefik/commit/460163c24db2915d613ef74d79356d8f6f51e617
github.com/traefik/traefik/commit/63a1186d3e1ac834a467fd56bad7ed151df5b963
github.com/traefik/traefik/releases/tag/v2.8.8
github.com/traefik/traefik/releases/tag/v2.9.0-rc5
github.com/traefik/traefik/security/advisories/GHSA-c6hx-pjc3-7fqr
Related
osv
osv
Traefik HTTP/2 connections management could cause a denial of service
2022-10-10 21:23:30
CVE-2022-39271
2022-10-11 14:15:09
github
github
Traefik HTTP/2 connections management could cause a denial of service
2022-10-10 21:23:30
cve
cve
CVE-2022-39271
2022-10-11 14:15:09
alpinelinux
alpinelinux
CVE-2022-39271
2022-10-11 14:15:00
nvd
nvd
CVE-2022-39271
2022-10-11 14:15:09
prion
prion
Code injection
2022-10-11 14:15:00
cvelist
cvelist
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00