github.com/traefik/traefik vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-54761Mediumgithub.com/traefik/traefik/v3: Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik servicesCVE-2026-53622HighTraefik: Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hostsCVE-2026-44774Mediumgithub.com/traefik/traefik/v3: Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite…CVE-2026-41263Mediumgithub.com/traefik/traefik/v3: Traefik: A timing side-channel vulnerability allows for valid username enumeration via BasicAuth middlewareCVE-2026-41174Mediumgithub.com/traefik/traefik/v3: Traefik Kubernetes CRD allows unauthorized cross-namespace middleware bindingCVE-2026-40912Highgithub.com/traefik/traefik/v3: Traefik has an StripPrefixRegex Middleware Authorization Bypass via Path/RawPath DesyncCVE-2026-39858Highgithub.com/traefik/traefik/v3: Traefik: Pre-authentication decision bypass due to forwarded alias spoofingCVE-2026-35051Highgithub.com/traefik/traefik/v3: Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authenticationCVE-2026-32595Mediumgithub.com/traefik/traefik: Traefik Affected by BasicAuth Middleware Timing Attack Allows Username EnumerationCVE-2026-32305Highgithub.com/traefik/traefik/v3: Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS ConfigCVE-2026-29777Mediumgithub.com/traefik/traefik/v3: Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match valuesGHSA-GV8R-9RW9-9697Highgithub.com/traefik/traefik: Traefik affected by TLS ClientAuth Bypass on HTTP/3CVE-2025-66490Mediumgithub.com/traefik/traefik: Path Normalization Bypass in Traefik Router + Middleware RulesCVE-2025-47952Lowgithub.com/traefik/traefik/v3: Traefik allows path traversal using url encodingCVE-2025-32431Highgithub.com/traefik/traefik: Traefik has a possible vulnerability with its path matchersCVE-2024-45410Criticalgithub.com/traefik/traefik/v3: HTTP client can manipulate custom HTTP headers that are added by TraefikGHSA-7JMW-8259-Q9JXMediumgithub.com/traefik/traefik/v3: Traefik has unexpected behavior with IPv4-mapped IPv6 addressesGHSA-F7CQ-5V43-8PWPMediumgithub.com/traefik/traefik/v2: Traefik vulnerable to GO issue allowing malformed DNS message to cause infinite loopCVE-2024-28869Highgithub.com/traefik/traefik/v3: Traefik vulnerable to denial of service with Content-length headerGHSA-7V4P-328V-8V5GMediumgithub.com/traefik/traefik: Traefik vulnerable to HTTP/2 request causing denial of service CVE-2019-12452Highgithub.com/traefik/traefik: Containous Traefik Exposes Password HashesCVE-2018-15598Highgithub.com/traefik/traefik: Traefik Missing AuthenticationCVE-2020-15129Mediumgithub.com/traefik/traefik: Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix headerCVE-2020-9321Mediumgithub.com/traefik/traefik: Traefik has an Improper Certificate Handling issueCVE-2021-32813Mediumgithub.com/traefik/traefik/v2: Header dropping in traefik

Stop the waste.
Protect your environment with Kodem.