CVE vulnerability CVE-2021-41103 and CVE-2021-43816

yasinb · February 8, 2022, 1:18pm

Our internal security analysis have flagged the below vulnerabilities while scanning traefik reverse proxy.

Component: containerd/containerd, ID: CVE-2021-41103, version: 2.5.4

Component: containerd/containerd, ID: CVE-2021-43816, version: 2.6.0

Can you please help us if the above vulnerability is applicable for the given component while using traefik reverse proxy?

ldez · February 9, 2022, 4:14pm

Hello,

Traefik is not affected by this CVE, it's a false-positive that some tools (like Trivy) detect.

Traefik uses containerd as a lib but not the part impacted by the CVE.

yasinb · February 9, 2022, 4:15pm

Thanks for confirmation.

system · February 12, 2022, 4:16pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
CVE vulnerability Traefik CVE-2022-29153 Traefik v2 cli	2	409	September 22, 2022
New Security Updates for Traefik 2.10 and 3.0.0-beta Traefik v2	2	1005	October 19, 2023
CVE vulnerability Traefik CVE-2022-41717 Traefik v2 file	2	337	December 7, 2022
Cve-2023-24534, cve-2023-24536 Traefik v2 kubernetes-ingress	2	451	April 12, 2023
New Security Updates for Traefik 2.9 and 2.10 Traefik v2	0	407	April 13, 2023