======================================================================

                                  CERT-Renater

                     Note d'Information No. 2024/VULN533
_____________________________________________________________________

DATE                : 17/12/2024

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Traefik versions prior to 2.11.15,
                                           3.2.2.

=====================================================================
https://github.com/traefik/traefik/security/advisories/GHSA-hxr6-2p24-hf98
_____________________________________________________________________

Fix CVE-2024-53259
Moderate
nmengin published GHSA-hxr6-2p24-hf98 Dec 17, 2024

Package
Traefik (Go)

Affected versions
<= v2.11.14, <= v3.2.1

Patched versions
v2.11.15, v3.2.2


Description

There is a potential vulnerability in Traefik managing HTTP/3
connections.

More details in the CVE-2024-53259.


Patches

     https://github.com/traefik/traefik/releases/tag/v2.11.15
     https://github.com/traefik/traefik/releases/tag/v3.2.2


Workarounds

No workaround


For more information

If you have any questions or comments about this advisory,
please open an issue.


Severity
Moderate

CVE ID
CVE-2024-53259

Weaknesses
No CWEs



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================