Vulnerability Database
Blog
FAQ
Docs
GO-2023-2381
See a problem?
Please try reporting it
to the source
first.
Source
https://pkg.go.dev/vuln/GO-2023-2381
Import Source
https://vuln.go.dev/ID/GO-2023-2381.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2023-2381
Aliases
CVE-2023-47124
GHSA-8g85-whqh-cr2f
Published
2024-08-21T14:30:24Z
Modified
2024-09-11T06:12:55.668636Z
Summary
Traefik vulnerable to potential DDoS via ACME HTTPChallenge in github.com/traefik/traefik
Details
Traefik vulnerable to potential DDoS via ACME HTTPChallenge in github.com/traefik/traefik
References
https://github.com/traefik/traefik/security/advisories/GHSA-8g85-whqh-cr2f
https://nvd.nist.gov/vuln/detail/CVE-2023-47124
https://doc.traefik.io/traefik/https/acme/#dnschallenge
https://doc.traefik.io/traefik/https/acme/#httpchallenge
https://doc.traefik.io/traefik/https/acme/#tlschallenge
https://github.com/traefik/traefik/releases/tag/v2.10.6
https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5
https://www.cloudflare.com/learning/ddos/ddos-attack-tools/slowloris
Affected packages
Go
/
github.com/traefik/traefik
Package
Name
github.com/traefik/traefik
View open source insights on deps.dev
Purl
pkg:golang/github.com/traefik/traefik
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Go
/
github.com/traefik/traefik/v2
Package
Name
github.com/traefik/traefik/v2
View open source insights on deps.dev
Purl
pkg:golang/github.com/traefik/traefik/v2
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2.10.6
Go
/
github.com/traefik/traefik/v3
Package
Name
github.com/traefik/traefik/v3
View open source insights on deps.dev
Purl
pkg:golang/github.com/traefik/traefik/v3
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.0.0-beta5
GO-2023-2381 - OSV