- EPSS 0.26%
- Veröffentlicht 06.07.2026 20:33:36
- Zuletzt bearbeitet 08.07.2026 20:16:52
Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's BasicAuth, DigestAuth, and ForwardAuth middlewares strip canonical-cased spoofed identity headers before writing Traefik's own value, but do not acc...
CVE-2026-54765
- EPSS 0.35%
- Veröffentlicht 06.07.2026 20:27:32
- Zuletzt bearbeitet 08.07.2026 03:01:20
Traefik is an open source HTTP reverse proxy and load balancer. From v3.7.0 prior to v3.7.6, Traefik's Kubernetes Gateway API provider may resolve two accepted HTTPRoutes that target the same backend Service:port but configure different backendRef fi...
CVE-2026-54764
- EPSS 0.29%
- Veröffentlicht 06.07.2026 20:20:29
- Zuletzt bearbeitet 08.07.2026 03:01:46
Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service ...
CVE-2026-54762
- EPSS 0.36%
- Veröffentlicht 23.06.2026 19:17:07
- Zuletzt bearbeitet 26.06.2026 16:37:18
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables Basi...
CVE-2026-54761
- EPSS 0.32%
- Veröffentlicht 23.06.2026 19:15:38
- Zuletzt bearbeitet 26.06.2026 16:37:51
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple ...
- EPSS 0.24%
- Veröffentlicht 23.06.2026 19:13:28
- Zuletzt bearbeitet 30.06.2026 03:20:59
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QUIC) TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 i...
- EPSS 0.25%
- Veröffentlicht 23.06.2026 19:12:10
- Zuletzt bearbeitet 30.06.2026 03:20:26
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection (SNICheck) that allows an unauthenticated client to bypass mutual TLS enforced through wildcard...
- EPSS 0.59%
- Veröffentlicht 23.06.2026 19:10:31
- Zuletzt bearbeitet 30.06.2026 03:20:25
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authentication and autho...
CVE-2023-54365
- EPSS 0.57%
- Veröffentlicht 23.06.2026 12:12:51
- Zuletzt bearbeitet 08.07.2026 18:12:47
Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2 request handling inherited from the Go standard library's HTTP/2 implementation (CVE-2023-44487 / CVE-2023-39325, the 'Rapid Reset' technique). A remote ...
CVE-2026-44774
- EPSS 0.46%
- Veröffentlicht 15.05.2026 16:30:43
- Zuletzt bearbeitet 09.07.2026 13:17:19
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the REST provider handler, bypassing the providers.rest.i...