30 matches found

NVD
added 3 days ago | 2 views

CVE-2026-54761

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

CVSS 6 | EPSS 0.00384
Exploits 1 | References 3
ATTACKERKB
added 3 days ago | 3 views

CVE-2026-54761

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

CVSS 6 | AI score 5.9 | EPSS 0.00384
Exploits 1 | References 4 | Affected Software 1
CVE
added 3 days ago | 28 views

CVE-2026-54761

CVE-2026-54761 – Traefik Kubernetes Gateway crossProviderNamespaces bypass: The issue allows an HTTPRoute outside the allow-listed namespace to expose internal Traefik services (e.g., api@internal, dashboard@internal, rest@internal) via cross-provider TraefikService references when the route use...

CVSS 6 | AI score 5.9 | EPSS 0.00384
Exploits 1 | References 3
Cvelist
added 3 days ago | 32 views

CVE-2026-54761 Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlis...

CVSS 6 | EPSS 0.00384
Exploits 1 | References 3
Github Security Blog
added 2026/06/17 2:1 p.m. | 10 views

Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Summary: There is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlist against the target backendRef.namespace instead of the route's own...

CVSS 6 | AI score 5.2 | EPSS 0.00384
Exploits 1 | References 4 | Affected Software 3
OSV
added 2026/06/17 2:1 p.m. | 4 views

GHSA-3G6V-2R68-PRFC Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services

Summary: There is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces allowlist. For HTTPRoute rules that declare multiple WRR backendRefs, Traefik evaluates the allowlist against the target backendRef.namespace instead of the route's own...

CVSS 6 | AI score 5.2 | EPSS 0.00384
Exploits 1 | References 4
Positive Technologies
added 2026/06/17 12:0 a.m. | 9 views

PT-2026-50495

Name of the Vulnerable Software and Affected Versions: Traefik versions prior to 3.6.21; Traefik versions prior to 3.7.5. Description: An issue exists in the Kubernetes Gateway provider regarding the crossProviderNamespaces allowlist. When HTTPRoute rules declare multiple backendRefs Weighted Round...

CVSS 6 | AI score 5.9 | EPSS 0.00384
Exploits 1 | References 7
RedhatCVE
added 2026/06/05 7:24 p.m. | 10 views

CVE-2026-44774

A flaw was found in Traefik. A low-privileged tenant with HTTPRoute creation permissions in Traefik's Kubernetes Gateway API provider can bypass security settings. This allows the tenant to expose the REST provider handler and gain live dynamic configuration write access to Traefik. This...

CVSS 9.9 | AI score 5.8 | EPSS 0.00442
Exploits 1 | References 7
Wolfi
added 2026/06/05 7:48 a.m. | 13 views

CVE-2026-40898 vulnerabilities

Vulnerabilities for packages: kyverno-policy-reporter-ui, kubernetes-dns-node-cache, kargo, k8sgateway, prometheus-blackbox-exporter, kube-metrics-adapter, q, spegel, traefik, opentelemetry-operator, kubo, kyverno-policy-reporter, frp, k3s, dkron, coredns, teleport, ipfs-cluster...

CVSS 7.5 | AI score 5.8 | EPSS 0.00279
Exploits 0
Wolfi
added 2026/06/05 7:48 a.m. | 12 views

GHSA-VVGJ-X9JQ-8CJ9 vulnerabilities

Vulnerabilities for packages: kyverno-policy-reporter-ui, kubernetes-dns-node-cache, kargo, k8sgateway, prometheus-blackbox-exporter, kube-metrics-adapter, q, spegel, traefik, opentelemetry-operator, kubo, kyverno-policy-reporter, frp, k3s, dkron, coredns, teleport, ipfs-cluster...

AI score 5.8
Exploits 0
CNNVD
added 2026/05/15 12:0 a.m. | 12 views

Traefik Access Control Error Vulnerability

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 2.11.46, 3.6.17, and 3.7.1 contained an access control vulnerability. This vulnerability stemmed from the Kubernetes Gateway API provider, which allowed tenants with permission to create...

CVSS 9.9 | AI score 5.8 | EPSS 0.00442
Exploits 1 | References 1
Tenable Nessus
added 2026/05/15 12:0 a.m. | 9 views

Traefik 2.x < 2.11.46 / 3.x < 3.6.17 / 3.7.x < 3.7.1 Authentication Bypass (CVE-2026-44774)

The version of Traefik installed on the remote macOS host is 2.x prior to 2.11.46, 3.x prior to 3.6.17, or 3.7.x prior to 3.7.1. It is, therefore, affected by an authentication bypass vulnerability: - The Kubernetes Gateway API provider accepts any TraefikService backend reference whose name ends...

CVSS 9.9 | AI score 5.8 | EPSS 0.00442
Exploits 1 | References 2
Snyk
added 2026/05/13 3:29 p.m. | 4 views

Access Control Bypass

Overview: Affected versions of this package are vulnerable to Access Control Bypass in the handling of internal service references by the Gateway API provider. An attacker can gain unauthorized dynamic configuration write access by creating or updating an HTTPRoute that targets rest@internal, even...

CVSS 9.9 | AI score 5.8 | EPSS 0.00442
Exploits 1 | References 2
Snyk
added 2026/05/13 3:29 p.m. | 6 views

Access Control Bypass

Overview: Affected versions of this package are vulnerable to Access Control Bypass in the handling of internal service references by the Gateway API provider. An attacker can gain unauthorized dynamic configuration write access by creating or updating an HTTPRoute that targets rest@internal, even...

CVSS 9.9 | AI score 5.8 | EPSS 0.00442
Exploits 1 | References 2
Wolfi
added 2026/04/25 1:49 p.m. | 9 views

GHSA-X4MJ-7F9G-29H4 vulnerabilities

Vulnerabilities for packages: external-dns, k8sgateway...

AI score 5.8
Exploits 0
OSV
added 2026/04/08 3:5 p.m. | 1 views

GHSA-H9MW-H4QC-F5JF kubernetes-graphql-gateway: GraphQL Endpoint Vulnerable to Authenticated Denial-of-Service via Unrestricted Query Execution

CVSS 6.5 Medium — The GraphQL API served by kubernetes-graphql-gateway is vulnerable to Denial-of-Service (DoS) attacks due to a complete absence of query resource controls (depth limiting, complexity analysis, response size capping, and rate limiting). An authenticated attacker can craft queries tha...

CVSS 6.5 | AI score 5.9
Exploits 0 | References 4
Github Security Blog
added 2026/03/11 2:49 p.m. | 11 views

Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values

Summary: There is a potential vulnerability in Traefik's Kubernetes Gateway provider related to rule injection. A tenant with write access to an HTTPRoute resource can inject backtick-delimited rule tokens into Traefik's router rule language via unsanitized header or query parameter match values. ...

CVSS 6.5 | AI score 5.8 | EPSS 0.00277
Exploits 0 | References 4 | Affected Software 3
Wolfi
added 2026/03/07 7:48 a.m. | 3 views

GHSA-C9V3-4PV7-87PR vulnerabilities

Vulnerabilities for packages: juicefs, kubernetes-dns-node-cache, k8sgateway...

AI score 5.8
Exploits 0
Wolfi
added 2026/03/07 7:48 a.m. | 5 views

CVE-2026-26017 vulnerabilities

Vulnerabilities for packages: juicefs, kubernetes-dns-node-cache, k8sgateway...

CVSS 7.7 | AI score 7.3 | EPSS 0.00305
Exploits 0
Chainguard
added 2026/03/07 7:17 a.m. | 5 views

CVE-2026-26017 vulnerabilities

Vulnerabilities for packages: k8sgateway-fips, eks-distro, juicefs, kubernetes-dns-node-cache, kubernetes-dns-node-cache-fips, k8sgateway, eks-distro-fips...

CVSS 7.7 | AI score 7.3 | EPSS 0.00305
Exploits 0