threat
engine
.sh
Back
·
··:··
Home
/
Product
/
traefik
Product
traefik
40 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-41263
< 2.11.43
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-chan
3.7
LOW
CVE-2026-41174
< 2.11.43
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a potential vulner
6.4
MEDIUM
CVE-2026-40912
< 2.11.43
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity au
8.2
HIGH
CVE-2026-39858
< 2.11.43
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity au
10.0
CRITICAL
CVE-2026-35051
< 2.11.43
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication
10.0
CRITICAL
CVE-2026-33433
< 2.11.42
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.42, 3.6.11, and 3.7.0-ea.3, when
headerField
is confi
8.8
HIGH
CVE-2026-32695
< 3.6.11
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds rou
7.7
HIGH
CVE-2026-32595
< 2.11.41
Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 comtain
3.7
LOW
CVE-2026-32305
< 2.11.41
Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vul
5.3
MEDIUM
CVE-2026-29777
< 3.6.10
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.10, A tenant with write access to an HTTPRoute resource can injec
6.5
MEDIUM
CVE-2026-29054
>= 2.11.9 and < 2.11.38
Traefik is an HTTP reverse proxy and load balancer. From version 2.11.9 to 2.11.37 and from version 3.1.3 to 3.6.8, there is a pot
7.5
HIGH
CVE-2026-26999
< 2.11.38
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Tra
7.5
HIGH
CVE-2026-26998
< 2.11.38
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Tra
4.4
MEDIUM
CVE-2026-25949
< 3.6.8
Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTL
7.5
HIGH
CVE-2026-22045
< 2.11.35
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME
5.9
MEDIUM
CVE-2025-66491
>= 3.5.0 and < 3.6.3
Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx
5.9
MEDIUM
CVE-2025-66490
< 2.11.32
Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPr
6.5
MEDIUM
CVE-2025-54386
< 2.11.7
Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a path trave
9.8
CRITICAL
CVE-2025-47952
< 2.11.25
Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential
9.1
CRITICAL
CVE-2025-32431
< 2.11.24
Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. In versions prior to 2.11.24, 3.3.6, and 3.4.0-rc2. There
9.1
CRITICAL
CVE-2024-52003
< 2.11.14
Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. There is a vulnerability in Traefik that allows the clien
6.1
MEDIUM
CVE-2024-45410
< 2.11.9
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-F
9.8
CRITICAL
CVE-2024-39321
< 2.11.6
Traefik is an HTTP reverse proxy and load balancer. Versions prior to 2.11.6, 3.0.4, and 3.1.0-rc3 have a vulnerability that allow
7.5
HIGH
CVE-2024-28869
< 2.11.2
Traefik is an HTTP reverse proxy and load balancer. In affected versions sending a GET request to any Traefik endpoint with the "C
7.5
HIGH
CVE-2023-47633
<= 2.10.5
Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its o
7.5
HIGH
CVE-2023-47124
<= 2.10.5
Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the
HTTPChallenge
to generate
5.9
MEDIUM
CVE-2023-47106
<= 2.10.5
Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik aut
4.8
MEDIUM
CVE-2023-44487
< 2.10.5
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5
HIGH
CVE-2023-29013
< 2.9.10
Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer for deploying microservices. There is a vulnerabilit
7.5
HIGH
CVE-2022-46153
< 2.9.6
Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik
8.1
HIGH
CVE-2022-23469
< 2.9.6
Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability i
3.5
LOW
CVE-2022-39271
< 2.8.8
Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There is a
7.5
HIGH
CVE-2022-23632
< 2.6.1
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS
7.4
HIGH
CVE-2021-32813
< 2.4.13
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.4.13, there exists a potential header vulnerability in Trae
4.8
MEDIUM
CVE-2021-27375
< 2.4.5
Traefik before 2.4.5 allows the loading of IFRAME elements from other domains.
5.3
MEDIUM
CVE-2020-15129
< 1.7.26
In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handlin
6.1
MEDIUM
CVE-2019-20894
>= 2.0.0 and < 2.0.1
Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_
7.5
HIGH
CVE-2020-9321
>= 2.0.0 and <= 2.1.4
configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from provid
7.5
HIGH
CVE-2019-12452
>= 1.7.0 and <= 1.7.11
types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and expos
7.5
HIGH
CVE-2018-15598
>= 1.6.0 and < 1.6.6
Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and t
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin