Vulnerability Database

296,480

Total vulnerabilities in the database

Traefik affected by Go oauth2/jws Improper Validation of Syntactic Correctness of Input vulnerability

Summary

We have encountered a security vulnerability being reported by our scanners for Traefik 2.11.22.

  • https://security.snyk.io/vuln/SNYK-CHAINGUARDLATEST-TRAEFIK33-9403297

Details

It seems to target oauth2/jws library.

PoC

No steps to replicate this vulnerability

Impact

We have a strict control on security and we always try to stay up-to-date with the fixes received for third-party solutions.

Patches

  • https://github.com/traefik/traefik/releases/tag/v2.11.24
  • https://github.com/traefik/traefik/releases/tag/v3.3.6
  • https://github.com/traefik/traefik/releases/tag/v3.4.0-rc2

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H