cbcvebase.
CVE-2024-28869
published 2024-04-12

Priority: P3 · 43 · high · 7.5 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:N / I:N / A:H
EPSS: 1.05% (59.9th percentile)

Traefik is an HTTP reverse proxy and load balancer. In affected versions, sending a GET request to any Traefik endpoint with the "Content-length" request header results in an indefinite hang with the default configuration. Attackers can exploit this vulnerability to induce a denial of service. The vulnerability has been addressed in versions 2.11.2 and 3.0.0-rc5. Users are advised to upgrade. For affected versions, the vulnerability can be mitigated by configuring the readTimeout option.

Affected

6 ranges
Vendor      Product             Version range                Fixed in
github.com  traefik_traefik     >= 0 < 2.11.2                2.11.2
github.com  traefik_traefik_v2  >= 0 < 2.11.2                2.11.2
github.com  traefik_traefik_v3  >= 3.0.0-beta3 < 3.0.0-rc5   3.0.0-rc5
traefik     traefik             < 2.11.2                     2.11.2
traefik     traefik
traefik     traefik

CVSS provenance

nvd            v3.1  7.5  HIGH  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vendor_redhat        7.5  HIGH