Lucene search
K

13 matches found

NVD
NVD
added 2026/06/23 8:16 p.m.6 views

CVE-2026-48020

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authentication and authorization. When a public router matches on a...

10CVSS0.00591EPSS
Exploits2References7
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:10 p.m.21 views

CVE-2026-48020

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authentication and authorization. When a public router matches on a...

7.8CVSS5.9AI score0.00591EPSS
Exploits2References5Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/23 7:10 p.m.5 views

CVE-2026-48020

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authentication and authorization. When a public router matches on a...

10CVSS5.8AI score0.00591EPSS
Exploits2References7
Github Security Blog
Github Security Blog
added 2026/06/11 1:26 p.m.15 views

Traefik has a StripPrefix Route-Level Auth Bypass via Path Normalization

Summary There is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authentication and authorization. When a public router matches on a PathPrefix rule and applies the StripPrefix middleware, a request path containing...

10CVSS5.6AI score0.00591EPSS
Exploits2References5Affected Software2
OSV
OSV
added 2026/06/11 1:26 p.m.10 views

GHSA-XF64-8MW2-4GR2 Traefik has a StripPrefix Route-Level Auth Bypass via Path Normalization

Summary There is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authentication and authorization. When a public router matches on a PathPrefix rule and applies the StripPrefix middleware, a request path containing...

7.8CVSS5.6AI score0.00591EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.11 views

PT-2026-48684

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.48 Traefik versions prior to 3.6.19 Traefik versions prior to 3.7.3 Description An unauthenticated attacker can bypass route-level authentication and authorization in Traefik when PathPrefix-based public routes a...

7.8CVSS5.3AI score0.00591EPSS
Exploits2References13
Github Security Blog
Github Security Blog
added 2025/12/08 4:42 p.m.13 views

Path Normalization Bypass in Traefik Router + Middleware Rules

Impact There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path; if the request path contains an encoded restricted character from the followin...

6.9CVSS7AI score0.00331EPSS
Exploits1References5Affected Software3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-16447

Malicious code in bioql PyPI...

6.3CVSS6.3AI score0.00784EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/04/25 5:31 p.m.12 views

CVE-2025-32431

Traefik pronounced traffic is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backe...

9.3CVSS6.7AI score0.00768EPSS
Exploits0References1
NVD
NVD
added 2025/04/21 4:15 p.m.49 views

CVE-2025-32431

Traefik pronounced traffic is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backe...

9.3CVSS0.00768EPSS
Exploits0References5
OSV
OSV
added 2025/04/21 3:34 p.m.4 views

CVE-2025-32431 Traefik has a possible vulnerability with the path matchers

Traefik pronounced traffic is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backe...

9.3CVSS3.9AI score0.00768EPSS
Exploits0References7
exploitpack
exploitpack
added 2012/06/28 12:0 a.m.12 views

webERP 4.08.1 - LocalRemote File Inclusion

webERP 4.08.1 - LocalRemote File Inclusion :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-06-27 webERP = 4.08.1 Local/Remote File Inclusion Vulnerability Script:...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/08/01 12:0 a.m.4 views

PT-2007-5319 · Php · Phpwebfilemanager

Name of the Vulnerable Software and Affected Versions: phpWebFileManager version 0.5 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the PN PathPrefix parameter in the index.php file. However, this issue is disputed by a reliable third party, who...

6.8CVSS7.9AI score0.01349EPSS
Exploits0References6
Rows per page
Query Builder