Lucene search

FreeBSD219AAA1E-2AFF-11EF-AB37-5404A68AD561

HistoryJun 05, 2024 - 12:00 a.m.

traefik -- Unexpected behavior with IPv4-mapped IPv6 addresses

2024-06-0500:00:00

vuxml.freebsd.org

traefik

vulnerability

ipv4-mapped ipv6 addresses

is methods

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

26.9%

JSON

The traefik authors report:

There is a vulnerability in Go managing various Is methods
(IsPrivate, IsLoopback, etc) for IPv4-mapped IPv6 addresses.
They didn’t work as expected returning false for addresses
which would return true in their traditional IPv4 forms.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchtraefik< 2.11.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	traefik	< 2.11.4	UNKNOWN

References

github.com/traefik/traefik/security/advisories/GHSA-7jmw-8259-q9jx

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

26.9%

JSON

Related for 219AAA1E-2AFF-11EF-AB37-5404A68AD561