Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Traefik HTTP/2 connections management could cause a denial of service
Vulnerability Description
Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There is a potential vulnerability in Traefik managing HTTP/2 connections. A closing HTTP/2 server connection could hang forever because of a subsequent fatal error. This failure mode could be exploited to cause a denial of service. There has been a patch released in versions 2.8.8 and 2.9.0-rc5. There are currently no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Containous Traefik 资源管理错误漏洞
Vulnerability Description
Containous Traefik是美国Containous公司的一款反向代理和负载平衡器。 Containous Traefik 2.8.8之前版本、2.9.0-rc5之前版本存在资源管理错误漏洞,该漏洞源于发生致命错误,关闭的HTTP/2服务器连接可能会永久挂起。
CVSS Information
N/A
Vulnerability Type
N/A