PT-2024-3308 · Traefik+1

Prajithp · Published 2024-03-11 · Updated 2025-11-26 · CVE-2024-28869

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Traefik versions prior to 2.11.2
Traefik versions prior to 3.0.0-rc5

Description
The vulnerability stems from insufficient handling of exceptional conditions when Traefik processes the Content-Length request header. With the default configuration, the affected request causes an indefinite hang, which an attacker can use to induce a denial of service. Sending a GET request with a Content-Length request header to any Traefik endpoint triggers the hang.

Recommendations
For versions prior to 2.11.2, upgrade to version 2.11.2 or later. For versions prior to 3.0.0-rc5, upgrade to version 3.0.0-rc5 or later. As a temporary workaround, configure the readTimeout option so that a connection that never completes its request body is closed instead of hanging indefinitely.

Exploit

Fix

DoS

Improper Resource Release

Improper Handling of Exceptional Conditions


Weakness Enumeration

Related Identifiers

ALSA-2024_4212
ALSA-2024_4237
ALSA-2024_5291
ALSA-2024_9115
ALSA-2025_16880
ALSA-2025_7256
ALT-PU-2024-16593
ALT-PU-2024-16754
ALT-PU-2024-7595
BDU:2024-03542
CVE-2024-28869
ECHO-F160-1DEB-C3B0
GHSA-4VWX-54MW-VQFW
GO-2024-2722
OPENSUSE-SU-2024:13927-1
OPENSUSE-SU-2024:14076-1

Affected Products

Alt Linux
Traefik