GHSA-53q7-4874-24qg: Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL

GHSA-gxrv-wf35-62w9: Bypassing IP allow-lists in traefik via HTTP/3 early data requests in QUIC 0-RTT handshakes

GHSA-m9gv-6p22-qgmj: ai-controller-frontend payment status in basket isn't reset

GHSA-fqpg-rq76-99pq: Panic in Pipeline when PgConn is busy or closed in github.com/jackc/pgx

GHSA-p9cg-vqcc-grcx: Server Side Request Forgery (SSRF) attack in Fedify

### Impact

There is a vulnerability in [Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability](https://nvd.nist.gov/vuln/detail/CVE-2024-35255).

### References

- [CVE-2024-35255](https://nvd.nist.gov/vuln/detail/CVE-2024-35255)

### Patches

- https://github.com/traefik/traefik/releases/tag/v2.11.5
- https://github.com/traefik/traefik/releases/tag/v3.0.3

### Workarounds

No workaround.

### For more information

If you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).

**ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability**

Moderate severity GitHub Reviewed Published Jun 20, 2024 in traefik/traefik • Updated Jun 20, 2024

Headline

GHSA-rvj4-q8q5-8grf: ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability

Impact

References

Patches

Workarounds

For more information

ghsa: Latest News