Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
traefik traefik vulnerabilities and exploits
(subscribe to this query)
606
VMScore
CVE-2022-23632
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS) configuration when the host header is a fully qualified domain name (FQDN). For a request, the TLS configuration choice can be different than the ro...
Traefik Traefik
Oracle Communications Unified Inventory Management 7.5.0
605
VMScore
CVE-2021-32813
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Traefik's handling of the Connection header. Active exploitation of this issue is unlikely, as it requires that a removed header would lead to a priv...
Traefik Traefik
445
VMScore
CVE-2021-27375
Traefik prior to 2.4.5 allows the loading of IFRAME elements from other domains.
Containous Traefik
357
VMScore
CVE-2020-15129
In Traefik prior to 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the "X-Forwarded-Prefix" header. The Traefik API dashboard component doesn't validate that the value of the header "X-Forwarded...
Traefik Traefik
Traefik Traefik 2.3.0
383
VMScore
CVE-2019-20894
Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred.
Traefik Traefik
445
VMScore
CVE-2020-9321
configurationwatcher.go in Traefik 2.x prior to 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging.
Traefik Traefik
Traefik Traefik 2.0.0
312
VMScore
CVE-2019-12452
types/types.go in Containous Traefik 1.7.x up to and including 1.7.11, when the --api flag is used and the API is publicly reachable and exposed without sufficient access control (which is contrary to the API documentation), allows remote authenticated users to discover password ...
Traefik Traefik
445
VMScore
CVE-2018-15598
Containous Traefik 1.6.x prior to 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable.
Traefik Traefik
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2