Affected by GO-2022-0325
and 12 other vulnerabilities
GO-2022-0325 : Skip the router TLS configuration when the host header is an FQDN in github.com/traefik/traefik
GO-2022-1152 : Traefik routes exposed with an empty TLSOption in github.com/traefik/traefik
GO-2022-1154 : Traefik may display authorization header in the debug logs in github.com/traefik/traefik
GO-2023-2376 : Traefik incorrectly processes fragment in the URL, leads to Authorization Bypass in github.com/traefik/traefik
GO-2023-2377 : Traefik docker container using 100% CPU in github.com/traefik/traefik
GO-2023-2381 : Traefik vulnerable to potential DDoS via ACME HTTPChallenge in github.com/traefik/traefik
GO-2024-2722 : Traefik vulnerable to denial of service with Content-length header in github.com/traefik/traefik
GO-2024-2726 : Traefik affected by HTTP/2 CONTINUATION flood in net/http in github.com/traefik/traefik
GO-2024-2880 : Traefik vulnerable to GO issue allowing malformed DNS message to cause infinite loop in github.com/traefik/traefik
GO-2024-2917 : Traefik has unexpected behavior with IPv4-mapped IPv6 addresses in github.com/traefik/traefik
GO-2024-2941 : ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/traefik/traefik
GO-2024-2973 : Bypassing IP allow-lists in traefik via HTTP/3 early data requests in QUIC 0-RTT handshakes in github.com/traefik/traefik
GO-2024-3135 : HTTP client can manipulate custom HTTP headers that are added by Traefik in github.com/traefik/traefik
The highest tagged major version is
v3 .
Discover Packages
github.com/traefik/traefik/v2
pkg
middlewares
headers
package
Version:
v2.4.13
Opens a new window with list of versions in this module.
Published: Jul 30, 2021
License: MIT
Opens a new window with license information.
Imports: 16
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
Documentation
¶
New creates a Headers middleware.
Header is a middleware that helps setup a few basic security features.
A single headerOptions struct can be provided to configure which features should be enabled,
and the ability to override a few of the default values.
NewHeader constructs a new header instance from supplied frontend header struct.
PostRequestModifyResponseHeaders set or delete response headers.
This method is called AFTER the response is generated from the backend
and can merge/override headers from the backend response.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.