Improper TLS Certificate Verification

github.com/traefik/traefik/v3 is vulnerable to improper TLS certificate verification. The vulnerability is due to incorrect handling of the proxy-ssl-verify annotation, which disables TLS verification when enabled, allowing an attacker to perform man-in-the-middle attacks on HTTPS backends...

FreeBSD : traefik -- Inverted TLS Verification Logic in Kubernetes NGINX Provider (dc7e30db-de67-11f0-b893-5404a68ad561)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the dc7e30db-de67-11f0-b893-5404a68ad561 advisory. The traefik project reports: There is a potential vulnerability in Traefik NGINX provider managing the...

SUSE CVE-2025-66491

Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend TLS certificate verification actually disables...

CVE-2025-66491 Traefik has Inverted TLS Verification Logic in its ingress-nginx Provider

Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend TLS certificate verification actually disables...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to inverted logic in the InsecureSkipVerify field when processing the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. An attacker can intercept and read sensitive data by performing...

Traefik Inverted TLS Verification Logic in ingress-nginx Provider

Impact There is a potential vulnerability in Traefik NGINX provider managing the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. The provider inverts the semantics of the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend T...

GHSA-7VWW-MVCR-X6VJ Traefik Inverted TLS Verification Logic in ingress-nginx Provider

Impact There is a potential vulnerability in Traefik NGINX provider managing the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. The provider inverts the semantics of the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend T...

Siemens SIMATIC S7-1500 Improper Certificate Validation (CVE-2021-28363)

The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy if an SSLContext isn't given via proxyconfig doesn't verify the hostname of the certificate. This means certificates for...

EUVD-2018-17282

Malware in sbrugna...

K46940010: TMM vulnerability CVE-2018-5513

Security Advisory Description A malformed Transport Layer Security TLS handshake causes the Traffic Management Microkernel TMM to stop responding, leading to a disruption of service. This issue is only exposed on the data plane when a Proxy SSL configuration is enabled. The control plane is not...

SUSE CVE-2009-1836

Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying...

SUSE CVE-2018-8059

The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxyssl directives are used...

httpd security, bug fix, and enhancement update

2.4.6-93.0.1 - replace index.html with Oracles index page oracleindex.html 2.4.6-93 - Resolves: 1677496 - CVE-2018-17199 httpd: modsessioncookie does not respect expiry time 2.4.6-92 - htpasswd: add SHA-2 crypt support 1486889 2.4.6-91 - Resolves: 1630886 - scriptlet can fail if hostname is not...

F5 Networks BIG-IP : TMM vulnerability (K46940010)

A malformed Transport Layer Security TLS handshake causes the Traffic Management Microkernel TMM to stop responding, leading to a disruption of service. This issue is only exposed on the data plane when a Proxy SSL configuration is enabled. The control plane is not impacted by this issue...

CVE-2018-5513

On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impact...

Information disclosure

On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impact...

CVE-2018-5513

On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impact...

CVE-2018-5513

CVE-2018-5513 affects F5 BIG-IP TMM when Proxy SSL is enabled on the data plane. A malformed TLS handshake crashes or stalls TMM, causing disruption of service; the control plane remains unaffected. Connected advisory details specify vulnerable branches and the fixes: BIG-IP versions 13.0.0 and 1...

CVE-2018-5513

On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impact...