GHSA-vm62-9jw3-c8w3: Gogs has an argument Injection in the built-in SSH server

GHSA-9pp6-wq8c-3w2c: Gogs allows argument injection during the previewing of changes

GHSA-ccqv-43vm-4f3w: Gogs allows deletion of internal files

GHSA-m27m-h5gj-wwmg: Gogs allows argument Injection when tagging new releases

GHSA-wrw7-89jp-8q8g: Unsoundness in `Iterator` and `DoubleEndedIterator` impls for `glib::VariantStrIter`

There is a potential vulnerability in Traefik managing HTTP/3 connections.

More details in the [CVE-2024-53259](https://nvd.nist.gov/vuln/detail/CVE-2024-53259).

## Patches

- https://github.com/traefik/traefik/releases/tag/v2.11.15
- https://github.com/traefik/traefik/releases/tag/v3.2.2

## Workarounds

No workaround

## For more information

If you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).

**Traefik affected by CVE-2024-53259**

Moderate severity GitHub Reviewed Published Dec 17, 2024 in traefik/traefik • Updated Dec 17, 2024

Headline

GHSA-hxr6-2p24-hf98: Traefik affected by CVE-2024-53259

Patches

Workarounds

For more information

ghsa: Latest News