Lucene search

Traefik incorrectly processes fragment in the URL, leads to Authorization Bypass

🗓️ 05 Dec 2023 18:48:11Reported by GoogleType

osv🔗 osv.dev👁 14 Views

Traefik mishandles URL fragments, enabling Authorization Bypas

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 15
Wolfi	CVE-2023-47106 vulnerabilities	4 Dec 202321:15	–	wolfi
Prion	Improper access control	4 Dec 202321:15	–	prion
OSV	GO-2023-2376 Traefik incorrectly processes fragment in the URL, leads to Authorization Bypass in github.com/traefik/traefik	21 Aug 202414:30	–	osv
OSV	CGA-PPMM-35W3-P2W7	6 Jun 202412:26	–	osv
OSV	CVE-2023-47106	4 Dec 202321:15	–	osv
OSV	CGA-CJ3C-XRGP-7454	6 Jun 202412:25	–	osv
OSV	OPENSUSE-SU-2024:13506-1 traefik-2.10.7-1.1 on GA media	15 Jun 202400:00	–	osv
OSV	OPENSUSE-SU-2024:14076-1 traefik2-2.11.5-1.1 on GA media	24 Jun 202400:00	–	osv
Chainguard	CVE-2023-47106 vulnerabilities	4 Dec 202321:15	–	cgr
Cvelist	CVE-2023-47106 Incorrect processing of fragment in the URL leads to Authorization Bypass in Traefik	4 Dec 202320:26	–	cvelist

Source	Link
github	www.github.com/traefik/traefik/security/advisories/GHSA-fvhj-4qfh-q2hm
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-47106
datatracker	www.datatracker.ietf.org/doc/html/rfc7230
github	www.github.com/traefik/traefik
github	www.github.com/traefik/traefik/releases/tag/v2.10.6
github	www.github.com/traefik/traefik/releases/tag/v3.0.0-beta5

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Dec 2023 18:11Current

7High risk

Vulners AI Score7

CVSS36.5

EPSS0.00072