Lucene search
K

15 matches found

NVD
NVD
added 2026/06/23 8:16 p.m.6 views

CVE-2026-53622

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake...

10CVSS0.0024EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/06/23 7:12 p.m.4 views

CVE-2026-48491 Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard...

7.8CVSS5.9AI score0.00245EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/23 7:12 p.m.36 views

CVE-2026-48491 Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard...

7.8CVSS0.00245EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 7:12 p.m.9 views

CVE-2026-48491

CVE-2026-48491 (Traefik) describes a high-severity vulnerability in Traefik 3.7.0–3.7.3 where SNICheck ignores wildcard TLSOptions mappings. An unauthenticated client can complete a TLS handshake with a permissive SNI on the same entrypoint and then send a Host header targeting a wildcard-protect...

10CVSS5.9AI score0.00245EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/16 7:2 p.m.74 views

Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Summary There is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard host rule such as Host.example.com with stricter TLS options for...

10CVSS5.1AI score0.00245EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/29 9:50 a.m.17 views

CVE-2026-46579

A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...

7.4CVSS5.7AI score0.0023EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 9:50 a.m.11 views

EUVD-2026-33274

A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...

7.4CVSS5.7AI score0.0023EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/13 2:53 p.m.9 views

SUSE CVE-2024-37082

When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...

9.1CVSS5.8AI score0.00545EPSS
Exploits0References3
OSV
OSV
added 2026/03/23 6:16 p.m.5 views

GO-2026-4793 Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config in github.com/traefik/traefik

Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config in github.com/traefik/traefik...

8.3CVSS5.8AI score0.00405EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/23 10:53 a.m.4 views

CVE-2026-32305

A flaw was found in Traefik, an HTTP reverse proxy and load balancer. A remote attacker can exploit this vulnerability by sending fragmented ClientHello packets during the Transport Layer Security TLS handshake. This causes Traefik's Server Name Indication SNI extraction to fail, leading to a...

8.3CVSS5.8AI score0.00405EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/20 10:1 a.m.3 views

CVE-2026-32305 Traefik mTLS bypass via fragmented ClientHello SNI extraction failure

Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable to mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS ClientHello is fragmented across multiple records,...

7.8CVSS5.8AI score0.00405EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/20 10:1 a.m.4 views

CVE-2026-32305

Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable to mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS ClientHello is fragmented across multiple records,...

7.8CVSS5.8AI score0.00405EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/24 5:29 p.m.4 views

UBUNTU-CVE-2026-27586

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...

9.3CVSS5.8AI score0.00267EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-0769

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01931EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2022/07/06 12:15 p.m.2 views

CVE-2022-32290

The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead o...

4.3CVSS5.6AI score0.00224EPSS
Exploits0References3
Rows per page
Query Builder