9 matches found
SUSE CVE-2026-33433
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name (e.g., x-auth-user instead of X-Auth-User), an authenticated attacker can inject their own canonical version of that header to...
CVE-2026-33433
Traefik vulnerability CVE-2026-33433 affects the Traefik HTTP reverse proxy/load balancer. If headerField is configured with a non-canonical header name (e.g., x-auth-user), an authenticated attacker can inject a canonical header, causing the backend to read the attacker’s header first and impersonate ...
CVE-2026-33433 Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name (e.g., x-auth-user instead of X-Auth-User), an authenticated attacker can inject their own canonical version of that header to...
CVE-2026-33433
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when headerField is configured with a non-canonical HTTP header name (e.g., x-auth-user instead of X-Auth-User), an authenticated attacker can inject their own canonical version of that header to...
PT-2026-28482
Name of the Vulnerable Software and Affected Versions: Traefik versions prior to 2.11.42; Traefik versions prior to 3.6.12; Traefik versions prior to 3.7.0-ea.3. Description: Traefik, an HTTP reverse proxy and load balancer, is susceptible to an identity impersonation issue. When the headerField...
OSV-2020-1152 Heap-buffer-overflow in pcpp::tbp_my_own_strnlen
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22483 Crash type: Heap-buffer-overflow READ 1 Crash state: pcpp::tbp_my_own_strnlen pcpp::HeaderField::HeaderField pcpp::TextBasedProtocolMessage::parseFields...
OSV-2020-973 Heap-buffer-overflow in pcpp::HeaderField::HeaderField
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22837 Crash type: Heap-buffer-overflow READ 1 Crash state: pcpp::HeaderField::HeaderField pcpp::TextBasedProtocolMessage::parseFields pcpp::SipResponseLayer::SipResponseLayer...
OSV-2020-943 Heap-buffer-overflow in pcpp::HeaderField::HeaderField
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22528 Crash type: Heap-buffer-overflow READ 1 Crash state: pcpp::HeaderField::HeaderField pcpp::TextBasedProtocolMessage::parseFields pcpp::SipResponseLayer::SipResponseLayer...
OSV-2020-45 Use-of-uninitialized-value in pcpp::tbp_my_own_strnlen
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22829 Crash type: Use-of-uninitialized-value Crash state: pcpp::tbp_my_own_strnlen pcpp::HeaderField::HeaderField pcpp::TextBasedProtocolMessage::parseFields...