3 matches found
CVE-2025-47952
Traefik (HTTP reverse proxy/load balancer) had a path-matching bypass vulnerability prior to 2.11.25 and 3.4.1 when a URL with an encoded path string could bypass the middleware chain and target a backend exposed via another router. Affected versions: <2.11.25 and
FreeBSD : traefik -- Path traversal vulnerability (67dd7a9e-3cd8-11f0-b601-5404a68ad561)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 67dd7a9e-3cd8-11f0-b601-5404a68ad561 advisory. The traefik project reports: There is a potential vulnerability in Traefik managing the requests using ...
SUSE CVE-2025-32431
Traefik pronounced traffic is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backe...