CVE & CISA-KEV Catalog

CVE-2024-45410

CRITICAL
CVSS v3: 9.8 (NVD)
EPSS: 71st percentile

Description

Traefik is a golang, Cloud Native Application Proxy. When an HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. An HTTP client should not be able to remove or modify these headers. Because the application trusts the values of these headers, security implications might arise if they can be modified. For HTTP/1.1, however, it was found that some of these custom headers can indeed be removed and in certain cases manipulated. The attack relies on the HTTP/1.1 behavior that headers can be defined as hop-by-hop via the HTTP Connection header. This issue has been addressed in release versions 2.11.9 and 3.1.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

How to fix

Remediation Available
Red Hat / RHEL and Rocky: fixed container images for the devspaces and devspaces-tech-preview components (amd64, ppc64le, s390x) are listed in RHSA-2025:8244.

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Impact

Confidentiality: High
Integrity: High
Availability: High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

1.51% probability of exploitation in 30 days
71st percentile

Elevated risk: more likely to be exploited than 71% of all known CVEs.

References

Vendor Advisory (1)
Release Notes (2)

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-09-25.