Security: traefik/traefik
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Fix CVE-2026-33186GHSA-46wh-3698-f2cx published
Mar 27, 2026 by nmenginHigh -
BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerFieldGHSA-qr99-7898-vr7c published
Mar 27, 2026 by nmenginModerate -
Ingress Rule Injection Allows Host Restriction Bypass in TraefikGHSA-67jx-r9pv-98rj published
Mar 27, 2026 by nmenginModerate -
Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS ConfigGHSA-wvvq-wgcr-9q48 published
Mar 20, 2026 by nmenginHigh -
BasicAuth Middleware Timing Attack Allows Username EnumerationGHSA-g3hg-j4jv-cwfr published
Mar 20, 2026 by nmenginModerate -
HTTP/2 frames can cause a running server to panicGHSA-4hjq-9h5c-252j published
Mar 11, 2026 by nmenginHigh -
Kubernetes gateway rule injection via unescaped backticks in HTTPRoute match valuesGHSA-8q2w-wr49-whqj published
Mar 11, 2026 by nmenginModerate -
ForwardAuth Middleware Allows Unbounded Response Body, Causing Potential Denial of ServiceGHSA-fw45-f5q2-2p4x published
Mar 4, 2026 by emilevaugeModerate -
TLS Handshake Error Handling Allows Stalled Connections on TCP RoutersGHSA-xw98-5q62-jx94 published
Mar 4, 2026 by emilevaugeHigh -
Case-Sensitive Bypass in Connection Header Allows Removal of X-Forwarded HeadersGHSA-92mv-8f8w-wq52 published
Mar 4, 2026 by emilevaugeHigh