GO-2022-0325: Skip the router TLS configuration when the host header is an FQDN in github.com/traefik/traefik
GO-2022-0808: Improper Certificate Handling in github.com/containous/traefik
GO-2022-0923: Header dropping in traefik in github.com/traefik/traefik
GO-2022-1152: Traefik routes exposed with an empty TLSOption in github.com/traefik/traefik
GO-2022-1154: Traefik may display authorization header in the debug logs in github.com/traefik/traefik
GO-2023-1919: Containous Traefik Exposes Password Hashes in github.com/traefik/traefik
GO-2023-2376: Traefik incorrectly processes fragment in the URL, leads to Authorization Bypass in github.com/traefik/traefik
GO-2023-2377: Traefik docker container using 100% CPU in github.com/traefik/traefik
GO-2023-2381: Traefik vulnerable to potential DDoS via ACME HTTPChallenge in github.com/traefik/traefik
GO-2024-2722: Traefik vulnerable to denial of service with Content-length header in github.com/traefik/traefik
GO-2024-2726: Traefik affected by HTTP/2 CONTINUATION flood in net/http in github.com/traefik/traefik
GO-2024-2880: Traefik vulnerable to GO issue allowing malformed DNS message to cause infinite loop in github.com/traefik/traefik
GO-2024-2917: Traefik has unexpected behavior with IPv4-mapped IPv6 addresses in github.com/traefik/traefik
GO-2024-2941: ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/traefik/traefik
GO-2024-2973: Bypassing IP allow-lists in traefik via HTTP/3 early data requests in QUIC 0-RTT handshakes in github.com/traefik/traefik
GO-2024-3135: HTTP client can manipulate custom HTTP headers that are added by Traefik in github.com/traefik/traefik
GO-2024-3299: Traefik's X-Forwarded-Prefix Header still allows for Open Redirect in github.com/traefik/traefik
GO-2024-3342: Traefik affected by CVE-2024-53259 in github.com/traefik/traefik
GO-2025-3627: Traefik affected by Go HTTP Request Smuggling Vulnerability in github.com/traefik/traefik
GO-2025-3634: Traefik has a possible vulnerability with the path matchers in github.com/traefik/traefik
GO-2025-3719: Traefik allows path traversal using url encoding in github.com/traefik/traefik
GO-2025-3835: Traefik Client Plugin's Path Traversal Vulnerability Allows Arbitrary File Overwrite and Remote Code Execution in github.com/traefik/traefik
GO-2025-4205: Traefik Inverted TLS Verification Logic in ingress-nginx Provider in github.com/traefik/traefik
GO-2025-4206: Path Normalization Bypass in Traefik Router + Middleware Rules in github.com/traefik/traefik
GO-2026-4322: Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall in github.com/traefik/traefik
GO-2026-4484: Traefik: TCP readTimeout bypass via STARTTLS on Postgres in github.com/traefik/traefik
GO-2026-4530: Traefik affected by TLS ClientAuth Bypass on HTTP/3 in github.com/traefik/traefik
GO-2026-4593: Traefik has unbounded io.ReadAll on auth server response body that causes OOM DOS in github.com/traefik/traefik
GO-2026-4594: Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (Slowloris DOS) in github.com/traefik/traefik
GO-2026-4597: traefik CVE-2024-45410 fix bypass: lowercase `Connection` tokens can delete traefik-managed forwarded identity headers (for example, `X-Real-Ip`) in github.com/traefik/traefik
GO-2026-4679: Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values in github.com/traefik/traefik
GO-2026-4684: Traefik: HTTP/2 frames can cause a running server to panic in github.com/traefik/traefik
GO-2026-4792: Traefik Affected by BasicAuth Middleware Timing Attack Allows Username Enumeration in github.com/traefik/traefik
GO-2026-4793: Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config in github.com/traefik/traefik
The highest tagged major version is
Documentation
¶
Source Files
¶
Directories