CVE vulnerability CVE-2021-41103 and CVE-2021-43816

yasinb · February 8, 2022, 1:18pm

Our internal security analysis have flagged the below vulnerabilities while scanning traefik reverse proxy.

Component: containerd/containerd, ID: CVE-2021-41103, version: 2.5.4

Component: containerd/containerd, ID: CVE-2021-43816, version: 2.6.0

Can you please help us if the above vulnerability is applicable for the given component while using traefik reverse proxy?

ldez · February 9, 2022, 4:14pm

Hello,

Traefik is not affected by this CVE, it's a false-positive that some tools (like Trivy) detect.

Traefik uses containerd as a lib but not the part impacted by the CVE.

yasinb · February 9, 2022, 4:15pm

Thanks for confirmation.

system · February 12, 2022, 4:16pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
CVE vulnerability for Image traefik:v2.8.1 CVE-2022-2097, CVE-2022-23648 , CVE-2022-31030, CVE-2022-29153 & CVE-2022-24687 Traefik v2 kubernetes-ingress , middleware	7	995	September 30, 2022
CVE vulnerability Traefik CVE-2022-29153 Traefik v2 cli	2	452	September 22, 2022
Several CVE's present on the latest traefik version Traefik v2	2	466	November 1, 2023
CVE vulnerabilities for traefik:v2.9.5 - CVE-2021-41803, CVE-2022-40716, CVE-2022-32149 Traefik v2 kubernetes-ingress , middleware	2	873	December 9, 2022
New Security Updates for Traefik 2.10 and 3.0.0-beta Traefik v2	2	1278	October 19, 2023