CVE-2023-29013 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-29013 Interim 1 6 2025-08-06T01:36:07Z current 2023-04-17T23:14:21Z 2025-08-06T01:36:07Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-29013 Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service. This issue has been patched in versions 2.9.10 and 2.10.0-rc2. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed traefik-2.10.1-1.1 traefik2-2.11.5-1.1 traefik-2.10.1-1.1 as a component of openSUSE Tumbleweed traefik2-2.11.5-1.1 as a component of openSUSE Tumbleweed Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerability in Go when parsing the HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service. This issue has been patched in versions 2.9.10 and 2.10.0-rc2. CVE-2023-29013 openSUSE Tumbleweed:traefik-2.10.1-1.1 openSUSE Tumbleweed:traefik2-2.11.5-1.1 important 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H