Traefik is an HTTP reverse proxy and load balancer. Versions prior to 2.11.6, 3.0.4, and 3.1.0-rc3 have a vulnerability that allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses. Versions 2.11.6, 3.0.4, and 3.1.0-rc3 contain a patch for this issue. No known workarounds are available.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-05T17:32:06.688Z

Updated: 2024-08-02T04:19:20.719Z

Reserved: 2024-06-21T18:15:22.263Z

Link: CVE-2024-39321

cve-icon Vulnrichment

Updated: 2024-07-05T20:07:09.952Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-07-05T18:15:32.430

Modified: 2024-11-21T09:27:27.390

Link: CVE-2024-39321

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-07-04T00:00:00Z

Links: CVE-2024-39321 - Bugzilla