CVE-2023-20882

Name of the Vulnerable Software and Affected Versions Cloud Foundry routing release versions 0.262.0 through 0.266.0

Description A bug in the gorouter process can cause a denial of service for applications hosted on Cloud Foundry. This occurs when client connections are closed prematurely, leading to the gorouter marking the currently selected backend as failed and removing it from the routing pool.

Recommendations For versions 0.262.0 through 0.266.0, update to a version later than 0.266.0 to resolve the issue. As a temporary workaround, consider implementing measures to prevent premature client connection closures to minimize the risk of exploitation.