Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.66 views

Traefik 2.11.x < 2.11.38 / 3.x < 3.6.9 Connection Header Bypass

The version of Traefik installed on the remote macOS host is 2.11.x prior to 2.11.38 or 3.x prior to 3.6.9. It is, therefore, affected by a vulnerability: - A flaw exists in HTTP/1.1 request handling due to case-sensitive comparison of Connection header tokens against protected header names. An...

7.5CVSS7.6AI score0.00467EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/05 9:13 p.m.1 views

Improper Handling of Case Sensitivity

Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the processing of HTTP/1.1 requests when handling the Connection header with X-Forwarded headers. An attacker can cause the removal of forwarded identity headers by sending requests with lowercas...

9.8CVSS7.3AI score0.01513EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/05 4:15 p.m.2 views

Missing Release of Resource after Effective Lifetime

Overview github.com/traefik/traefik/v2/pkg/server/router/tcp is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ... a...

9.2CVSS5.9AI score0.00539EPSS
Exploits0References2
CVE
CVE
added 2026/03/05 4:15 p.m.32 views

CVE-2026-26999

CVE-2026-26999 (Traefik) : A TLS handshake handling flaw on TCP routers may cause handshake stalls. When Traefik processes a TLS connection on a TCP router, the read deadline used for protocol sniffing can be cleared before the TLS handshake completes. If a TLS handshake read error occurs, the co...

7.5CVSS6AI score0.00539EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/05 4:15 p.m.3 views

CVE-2026-26999

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared befor...

7.5CVSS5.8AI score0.00539EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/05 4:15 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to unbounded processing of responses in the ForwardAuth middleware due to the lack of restrictions for maxResponseBodySize configuration. An attacker can cause resource exhaustion...

6.9CVSS5.8AI score0.00451EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/05 4:15 p.m.33 views

CVE-2026-26998 Traefik: unbounded io.ReadAll on auth server response body causes OOM denial of service(DOS)

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing the ForwardAuth middleware responses. When Traefik is configured to use the ForwardAuth middleware, the response body from the authentication server is...

4.4CVSS0.00451EPSS
Exploits0References3
OSV
OSV
added 2026/03/05 4:15 p.m.5 views

CVE-2026-26998 Traefik: unbounded io.ReadAll on auth server response body causes OOM denial of service(DOS)

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing the ForwardAuth middleware responses. When Traefik is configured to use the ForwardAuth middleware, the response body from the authentication server is...

4.4CVSS5.9AI score0.00451EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/05 4:15 p.m.4 views

CVE-2026-26998 Traefik: unbounded io.ReadAll on auth server response body causes OOM denial of service(DOS)

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing the ForwardAuth middleware responses. When Traefik is configured to use the ForwardAuth middleware, the response body from the authentication server is...

4.4CVSS5.7AI score0.00451EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.8 views

PT-2026-23084

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.38 and versions prior to 3.6.9 Description Traefik, an HTTP reverse proxy and load balancer, has an issue in its handling of TLS handshakes on TCP routers. The read deadline used for protocol sniffing is cleared...

9.9CVSS6.1AI score0.22162EPSS
Exploits70References138
Rows per page
Query Builder