Lucene search
K

1379 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.6 views

Traefik < 2.11.43 / 3.x < 3.6.14 Multiple Vulnerabilities

The version of Traefik installed on the remote macOS host is prior to 2.11.43 or 3.x prior to 3.6.14. It is, therefore, affected by multiple vulnerabilities: - An authentication bypass via StripPrefixRegex and ForwardAuth dot-segment normalization. When StripPrefixRegex processes URLs with...

10CVSS5.8AI score0.00767EPSS
Exploits4References10
EUVD
EUVD
added 2026/05/01 2:15 p.m.27 views

EUVD-2026-26641

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platformlabel,s pair The RCU-protected codepaths mplsforward, mplsdumproutes can have an inconsistent view of platformlabels vs platformlabel in case of a concurrent resize...

5.8AI score0.0011EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.7 views

PT-2026-36459

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description RCU-protected codepaths, specifically mpls forward and mpls dump routes, can maintain an inconsistent view of platform labels versus platform label during a concurrent resize operation...

7.1CVSS5.4AI score0.0011EPSS
Exploits0References13
NVD
NVD
added 2026/04/30 9:16 p.m.5 views

CVE-2026-40912

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, BasicAuth, or DigestAuth. The middleware matches...

8.6CVSS0.00767EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/04/30 8:38 p.m.5 views

CVE-2026-40912 Traefik: StripPrefixRegex auth bypass via Path/RawPath desync

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, BasicAuth, or DigestAuth. The middleware matches...

7.8CVSS5.7AI score0.00767EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/04/30 8:38 p.m.10 views

CVE-2026-40912

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, BasicAuth, or DigestAuth. The middleware matches...

8.2CVSS5.7AI score0.00767EPSS
Exploits1References4
CVE
CVE
added 2026/04/30 8:38 p.m.30 views

CVE-2026-40912

CVE-2026-40912 affects Traefik’s StripPrefixRegex middleware used with ForwardAuth, BasicAuth, or DigestAuth. The vulnerability arises because the middleware matches a decoded URL path against a regex but uses that length to slice the percent-encoded RawPath, which can produce a dot-segment (e.g....

8.6CVSS5.3AI score0.00767EPSS
Exploits1References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/30 8:26 p.m.3 views

CVE-2026-39858

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwarded-header sanitization logic targets only...

7.8CVSS5.3AI score0.00479EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/04/30 8:26 p.m.7 views

EUVD-2026-26426

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustForwardHeader=false is configured and Traefik is deployed behind a trusted upstream proxy. This issu...

7.8CVSS5.2AI score0.00267EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.13 views

Traefik 数据伪造问题漏洞

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 2.11.43, 3.6.14, and 3.7.0-rc.2 contained a data manipulation vulnerability. This vulnerability stems from the ForwardAuth middleware, which has a authentication bypass vulnerability wh...

10CVSS5.7AI score0.00267EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.6 views

Juniper Junos OS Vulnerability (JSA75730)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75730 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper DHCP Daemon jdhcpd of Juniper Networks Junos OS allows an adjacent, unauthenticated attack...

6.5CVSS6.7AI score0.00293EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/26 1:52 a.m.7 views

SUSE CVE-2026-31683

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...

4.8CVSS5.5AI score0.00121EPSS
Exploits0References7
NVD
NVD
added 2026/04/25 9:16 a.m.5 views

CVE-2026-31683

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...

7.8CVSS0.00121EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/25 8:47 a.m.10 views

CVE-2026-31683

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...

5.5AI score0.00121EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/04/25 8:47 a.m.21 views

CVE-2026-31683

The CVE-2026-31683 issue affects the Linux kernel’s batman-adv module. When the Optimized Global Messaging (OGM) aggregation state is toggled at runtime, a forwarded packet that was allocated with insufficient tailroom may be appended to by a later packet, leading to skb_put overflow conditions. ...

7.8CVSS5.5AI score0.00121EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/04/24 4:37 p.m.3 views

GHSA-6JWX-7VP4-9847 Traefik has an StripPrefixRegex Middleware Authorization Bypass via Path/RawPath Desync

Summary There is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, BasicAuth, or DigestAuth. The middleware matches the regex against the decoded URL path but uses the resulting byte length to slice the...

8.2CVSS5.8AI score0.00767EPSS
Exploits1References6
Snyk
Snyk
added 2026/04/24 4:37 p.m.3 views

Use of Incorrectly-Resolved Name or Reference

Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in StripPrefixRegex, when used together with ForwardAuth, BasicAuth, or DigestAuth. An attacker can gain unauthorized access to protected backend resources by sending requests with...

9.1CVSS5.5AI score0.00767EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/24 4:37 p.m.4 views

Use of Incorrectly-Resolved Name or Reference

Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in StripPrefixRegex, when used together with ForwardAuth, BasicAuth, or DigestAuth. An attacker can gain unauthorized access to protected backend resources by sending requests with...

9.1CVSS5.5AI score0.00767EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/24 4:37 p.m.4 views

Use of Incorrectly-Resolved Name or Reference

Overview Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in StripPrefixRegex, when used together with ForwardAuth, BasicAuth, or DigestAuth. An attacker can gain unauthorized access to protected backend resources by sending requests with...

9.1CVSS5.5AI score0.00767EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/24 4:31 p.m.4 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...

10CVSS5.5AI score0.00267EPSS
Exploits1References2
Rows per page
Query Builder