-
Notifications
You must be signed in to change notification settings - Fork 5.1k
Security: traefik/traefik
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
HTTP client can remove the X-Forwarded headersGHSA-62c8-mh53-4cqv published
Sep 19, 2024 by nmenginCritical -
Bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakesGHSA-gxrv-wf35-62w9 published
Jul 4, 2024 by nmenginHigh -
ACME DNS: Azure Identity Libraries Elevation of Privilege VulnerabilityGHSA-rvj4-q8q5-8grf published
Jun 20, 2024 by nmenginModerate -
Unexpected behavior with IPv4-mapped IPv6 addressesGHSA-7jmw-8259-q9jx published
Jun 11, 2024 by nmenginModerate -
Malformed DNS message can cause infinite loopGHSA-f7cq-5v43-8pwp published
May 23, 2024 by nmenginModerate -
Fix CVE-2023-45288 - HTTP/2 CONTINUATION flood in net/httpGHSA-7f4j-64p6-5h5v published
Apr 15, 2024 by nmenginModerate -
Possible DoS vulnerability with Content-length headerGHSA-4vwx-54mw-vqfw published
Apr 12, 2024 by mmaturHigh -
Potential DDoS whith ACME HTTPChallengeGHSA-8g85-whqh-cr2f published
Dec 4, 2023 by nmenginModerate -
Uses 100% CPU after request to with host `traefik-service`GHSA-6fwg-jrfw-ff7p published
Dec 4, 2023 by nmenginModerate -
Incorrect processing of fragment in the URL leads to Authorization BypassGHSA-fvhj-4qfh-q2hm published
Dec 4, 2023 by nmenginLow