Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Published

2023-12-04T21:15:34.063

Last Modified

2024-11-21T08:30:34.263

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-400
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	traefik	traefik	≤ 2.10.5	Yes
Application	traefik	traefik	3.0.0	Yes
Application	traefik	traefik	3.0.0	Yes
Application	traefik	traefik	3.0.0	Yes
Application	traefik	traefik	3.0.0	Yes

References

https://github.com/traefik/traefik/releases/tag/v2.10.6 Release Notes ([email protected])
https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 Release Notes ([email protected])
https://github.com/traefik/traefik/security/advisories/GHSA-6fwg-jrfw-ff7p Exploit, Third Party Advisory ([email protected])
https://github.com/traefik/traefik/releases/tag/v2.10.6 Release Notes (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 Release Notes (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/traefik/traefik/security/advisories/GHSA-6fwg-jrfw-ff7p Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)