GMS-2023-3451: Traefik vulnerable to HTTP/2 request causing denial of service
Impact
A vulnerability CVE-2023-39325 exists in Go managing HTTP/2 requests, which impacts Traefik. This vulnerability could be exploited to cause a denial of service.
References
Patches
- https://github.com/traefik/traefik/releases/tag/v2.10.5
- https://github.com/traefik/traefik/releases/tag/v3.0.0-beta4
References
Detect and mitigate GMS-2023-3451 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →