Known Vulnerabilities for products from Traefik
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Traefik".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34206 json | Not Provided | 2026-03-31 | 2026-04-01 | |
| CVE-2026-33433 json | Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when `headerField` is ... | Not Provided | 2026-03-27 | 2026-04-03 |
| CVE-2026-32695 json | Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider build... | Not Provided | 2026-03-27 | 2026-04-03 |
| CVE-2023-47633 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-04 | 2023-12-07 |
| CVE-2023-47124 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.9 - MEDIUM | 2023-12-04 | 2023-12-07 |
| CVE-2023-47106 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-12-04 | 2023-12-07 |
| CVE-2023-44487 json | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many stre... | 7.5 - HIGH | 2023-10-10 | 2024-02-02 |
| CVE-2023-29013 json | Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnera... | 7.5 - HIGH | 2023-04-14 | 2023-05-26 |
| CVE-2022-46153 json | Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Tr... | 6.5 - MEDIUM | 2022-12-08 | 2022-12-12 |
| CVE-2022-39271 json | Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There ... | 7.5 - HIGH | 2022-10-11 | 2023-07-14 |
| CVE-2022-23632 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-17 | 2022-11-23 |
| CVE-2022-23469 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-12-08 | 2022-12-12 |
| CVE-2021-32813 json | Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in... | 8.1 - HIGH | 2021-08-03 | 2021-08-11 |
| CVE-2020-15129 json | In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's ha... | 4.7 - MEDIUM | 2020-07-30 | 2021-07-28 |
| CVE-2020-9321 json | configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from p... | 7.5 - HIGH | 2020-03-16 | 2021-07-28 |
| CVE-2019-20894 json | Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where... | 7.5 - HIGH | 2020-07-02 | 2021-07-28 |
| CVE-2019-12452 json | types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and ... | 7.5 - HIGH | 2019-05-29 | 2021-07-28 |
| CVE-2018-15598 json | Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing ... | 7.5 - HIGH | 2018-08-21 | 2021-07-28 |