Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
| Link | Resource |
|---|---|
| https://github.com/traefik/traefik/releases/tag/v2.10.6 | Release Notes |
| https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 | Release Notes |
| https://github.com/traefik/traefik/security/advisories/GHSA-6fwg-jrfw-ff7p | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Dec 2023, 20:51
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| First Time |
Traefik traefik
Traefik |
|
| References | () https://github.com/traefik/traefik/security/advisories/GHSA-6fwg-jrfw-ff7p - Exploit, Third Party Advisory | |
| References | () https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 - Release Notes | |
| References | () https://github.com/traefik/traefik/releases/tag/v2.10.6 - Release Notes | |
| CPE | cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:traefik:traefik:3.0.0:beta4:*:*:*:*:*:* cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:* cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:* cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
04 Dec 2023, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-04 21:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-47633
Mitre link : CVE-2023-47633
CVE.ORG link : CVE-2023-47633
JSON object : View
Products Affected
traefik
- traefik
CWE