Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/15 4:30 p.m.6 views

CVE-2026-44774 Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite providers.rest.insecure=false

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the REST provider handler, bypassing the providers.rest.insecure=false setting. The Gateway provider...

6.4CVSS5.8AI score0.00457EPSS
Exploits1References4
CVE
CVE
added 2026/05/15 4:30 p.m.73 views

CVE-2026-44774

CVE-2026-44774 - Traefik Gateway API exposure vulnerability Affected: Traefik v2.x before 2.11.46, v3.x before 3.6.17 and 3.7.1. Issue: In the Kubernetes Gateway API provider, a tenant with HTTPRoute creation rights can expose the REST provider handler by abusing TraefikService backend references...

9.9CVSS5.8AI score0.00457EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2026/05/13 3:29 p.m.8 views

GHSA-96QJ-4JJ5-WCJC Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite providers.rest.insecure=false

Summary There is a medium severity vulnerability in Traefik's Kubernetes Gateway API provider that allows a tenant with HTTPRoute creation permissions to expose the REST provider handler, bypassing the providers.rest.insecure=false setting. The Gateway provider accepts any TraefikService backend...

6.4CVSS5.9AI score0.00457EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.18 views

PT-2026-40716

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.46 Traefik versions prior to 3.6.17 Traefik versions prior to 3.7.1 Description Traefik's Kubernetes Gateway API provider contains an authorization bypass that allows a tenant with HTTPRoute creation permissions ...

9.9CVSS5.8AI score0.00457EPSS
Exploits1References18
Rows per page
Query Builder