VYPR
High severityNVD Advisory· Published Apr 14, 2023· Updated Feb 13, 2025

HTTP header parsing could cause a deny of service

CVE-2023-29013

Description

Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service. This issue has been patched in versions 2.9.10 and 2.10.0-rc2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/traefik/traefik/v2Go
< 2.9.102.9.10
github.com/traefik/traefik/v2Go
>= 2.10.0-rc1, < 2.10.0-rc22.10.0-rc2

Affected products

4

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.